Vulnerabilities > F5 > F5Os C > 1.5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-14 | CVE-2024-23607 | Path Traversal vulnerability in F5 F5Os-A and F5Os-C A directory traversal vulnerability exists in the F5OS QKView utility that allows an authenticated attacker to read files outside the QKView directory. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 5.5 |
| 2024-02-14 | CVE-2024-24966 | Incorrect Authorization vulnerability in F5 F5Os-A and F5Os-C When LDAP remote authentication is configured on F5OS, a remote user without an assigned role will be incorrectly authorized. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 5.5 |
| 2021-11-11 | CVE-2002-20001 | Resource Exhaustion vulnerability in multiple products The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. | 7.5 |