Vulnerabilities > F5 > BIG IP Websafe > 11.5.3

DATE CVE VULNERABILITY TITLE RISK
2017-12-21 CVE-2017-6132 Improper Input Validation vulnerability in F5 products
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 and 11.5.0 - 11.5.4, an undisclosed sequence of packets sent to BIG-IP High Availability state mirror listeners (primary and/or secondary IP) may cause TMM to restart.
network
low complexity
f5 CWE-20
7.5
7.5
2017-10-20 CVE-2017-6165 Information Exposure Through Log Files vulnerability in F5 products
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms only, the script which synchronizes SafeNet External Network HSM configuration elements between blades in a clustered deployment will log the HSM partition password in cleartext to the "/var/log/ltm" log file.
network
low complexity
f5 CWE-532
critical
 9.8
9.8
2017-02-20 CVE-2016-6249 Information Exposure vulnerability in F5 products
F5 BIG-IP 12.0.0 and 11.5.0 - 11.6.1 REST requests which timeout during user account authentication may log sensitive attributes such as passwords in plaintext to /var/log/restjavad.0.log.
local
low complexity
f5 CWE-200
5.3
5.3