On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, and 12.1.x prior to 12.1.5.3, undisclosed requests to a virtual server may be incorrectly handled by the Traffic Management Microkernel (TMM) URI normalization, which may trigger a buffer overflow, resulting in a DoS attack. In certain situations, it may theoretically allow bypass of URL based access control or remote code execution (RCE). Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
f5 big-ip access policy manager |
||
f5 big-ip advanced firewall manager |
||
f5 big-ip application acceleration manager |
||
f5 big-ip analytics |
||
f5 big-ip application security manager |
||
f5 big-ip domain name system |
||
f5 big-ip global traffic manager |
||
f5 big-ip fraud protection service |
||
f5 big-ip link controller |
||
f5 big-ip local traffic manager |
||
f5 big-ip policy enforcement manager |
||
f5 big-ip advanced web application firewall |
||
f5 big-ip ddos hybrid defender |
||
f5 ssl orchestrator |
Remote code execution, denial of service, API abuse possible. Meanwhile, FBI pegs China for Exchange hacks What do F5, Citrix, Pulse Secure all have in common? China exploiting their flaws to hack govt, biz – Feds European Banking Authority restores email service in wake of Microsoft Exchange hack
Security and automation vendor F5 has warned of seven patch-ASAP-grade vulnerabilities in its Big-IP network security and traffic-grooming products, plus another 14 vulns worth fixing. An advisory dated today lists seven CVEs, four rated critical. Most of the bugs concern TMUI – the Traffic Management User Interface that users work with to drive F5 products – and they can be exploited to achieve remote code execution, denial of service attacks, or complete device takeovers; sometimes all thr...
Vulmon