RSS   Podatności dla 'Linerate'   RSS

2017-11-22
 
CVE-2017-6166

CWE-415
 

 
In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel (TMM) may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. If the affected BIG-IP system is configured as part of a device group, it will trigger a failover to the peer device.

 
2014-12-09
 
CVE-2014-8730

 

 
The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself.

 

 >>> Vendor: F5 76 Produkty
Big-ip
Icontrol service manager
Enterprise manager
Firepass 4100
Firepass 1000
Firepass
Firepass ssl vpn
Firepass 1200
Nginx
Big-ip application security manager
Big-ip protocol security manager
Mobilesafe
Big-ip local traffic manager
Big-ip global traffic manager
Application security manager appliance
Big-ip access policy manager
Big-ip edge gateway
Big-ip link controller
Big-ip protocol security module
Big-ip wan optimization manager
Big-ip webaccelerator
Big-ip configuration utility
Big-ip analytics
Big-iq
Big-ip advanced firewall manager
Big-ip application acceleration manager
Big-ip policy enforcement manager
Arx data manager
ARX
Big-iq cloud
Big-iq device
Big-iq security
Linerate
Big-ip policy enforcement manager11.5.1
Big-iq adc
Big-ip enterprise manager
Big-ip domain name system
Big-ip global traffic manager11.2.0
Big-iq application delivery controller
Big-iq centralized management
Big-iq cloud and orchestration
Big-ip websafe
F5 iworkflow
Ssl intercept iapp
Ssl orchestrator
Big-ip aam
Big-ip afm
Big-ip apm
Big-ip asm
Big-ip ltm
Big-ip pem
Websafe
Big-ip dns
Big-ip fraud protection service
Traffix systems signaling delivery controller
Big-ip access policy manager client
TMOS
Traffix signaling delivery controller
Big-ip webaccelerator12.1.1
Traffix sdc
NJS
Websafe alert server
Iworkflow
Container ingress service
Big-ip controller
Nginx controller
Big-ip advanced web application firewall
Big-ip ddos hybrid defender
Big-ip ssl orchestrator
Big-ip carrier-grade nat
Access policy manager clients
Nginx modsecurity waf
Nginx controller api management
Access for android
Nginx service mesh
Big-ip guided configuration


Copyright 2024, cxsecurity.com

 

Back to Top