Vulnerabilities > F5 > BIG IP Advanced WEB Application Firewall > 14.1.2.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-05 | CVE-2020-5946 | Unspecified vulnerability in F5 Big-Ip Fraud Protection Service In BIG-IP Advanced WAF and FPS versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, under some circumstances, certain format client-side alerts sent to the BIG-IP virtual server configured with DataSafe may cause the Traffic Management Microkernel (TMM) to restart, resulting in a Denial-of-Service (DoS). | 7.5 |
| 2020-11-05 | CVE-2020-5943 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in F5 products In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is created or listed through the REST interface, the protected fields are obfuscated in the REST response, not protected via a SecureVault cryptogram as TMSH does. | 6.5 |