Vulnerabilities > F5 > BIG IP Advanced Firewall Manager > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-30 | CVE-2020-5876 | Cleartext Transmission of Sensitive Information vulnerability in F5 products On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, a race condition exists where mcpd and other processes may make unencrypted connection attempts to a new configuration sync peer. | 8.1 |
2020-04-30 | CVE-2020-5875 | Unspecified vulnerability in F5 products On BIG-IP 15.0.0-15.0.1 and 14.1.0-14.1.2.3, under certain conditions, the Traffic Management Microkernel (TMM) may generate a core file and restart while processing SSL traffic with an HTTP/2 full proxy. | 7.5 |
2020-04-30 | CVE-2020-5873 | Unspecified vulnerability in F5 products On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.1-11.6.5 and BIG-IQ 5.2.0-7.1.0, a user associated with the Resource Administrator role who has access to the secure copy (scp) utility but does not have access to Advanced Shell (bash) can execute arbitrary commands using a maliciously crafted scp request. | 7.2 |
2020-04-30 | CVE-2020-5872 | Unspecified vulnerability in F5 products On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.4.1, when processing TLS traffic with hardware cryptographic acceleration enabled on platforms with Intel QAT hardware, the Traffic Management Microkernel (TMM) may stop responding and cause a failover event. | 7.5 |
2020-04-30 | CVE-2020-5871 | Unspecified vulnerability in F5 products On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. | 7.5 |
2020-03-27 | CVE-2020-5862 | Unspecified vulnerability in F5 products On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.2, under certain conditions, TMM may crash or stop processing new traffic with the DPDK/ENA driver on AWS systems while sending traffic. | 7.5 |
2020-03-27 | CVE-2020-5861 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in F5 products On BIG-IP 12.1.0-12.1.5, the TMM process may produce a core file in some cases when Ram Cache incorrectly optimizes stored data resulting in memory errors. | 7.5 |
2020-03-27 | CVE-2020-5860 | Cleartext Transmission of Sensitive Information vulnerability in F5 products On BIG-IP 15.0.0-15.1.0.2, 14.1.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5.1, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, in a High Availability (HA) network failover in Device Service Cluster (DSC), the failover service does not require a strong form of authentication and HA network failover traffic is not encrypted by Transport Layer Security (TLS). | 8.1 |
2020-03-27 | CVE-2020-5859 | Unspecified vulnerability in F5 products On BIG-IP 15.1.0.1, specially formatted HTTP/3 messages may cause TMM to produce a core file. | 7.5 |
2020-03-27 | CVE-2020-5858 | Unspecified vulnerability in F5 products On BIG-IP 15.0.0-15.0.1.2, 14.1.0-14.1.2.2, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, users with non-administrator roles (for example, Guest or Resource Administrator) with tmsh shell access can execute arbitrary commands with elevated privilege via a crafted tmsh command. | 7.8 |