Vulnerabilities > F5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-08 | CVE-2019-5021 | Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. | 9.8 |
2019-05-07 | CVE-2018-20836 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 4.20. | 8.1 |
2019-05-03 | CVE-2019-6619 | Unspecified vulnerability in F5 products On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, the Traffic Management Microkernel (TMM) may restart when a virtual server has an HTTP/2 profile with Application Layer Protocol Negotiation (ALPN) enabled and it processes traffic where the ALPN extension size is zero. | 7.5 |
2019-05-03 | CVE-2019-6618 | Unspecified vulnerability in F5 products On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, users with the Resource Administrator role can modify sensitive portions of the filesystem if provided Advanced Shell Access, such as editing /etc/passwd. | 4.9 |
2019-05-03 | CVE-2019-6617 | Improper Privilege Management vulnerability in F5 products On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, a user with the Resource Administrator role is able to overwrite sensitive low-level files (such as /etc/passwd) using SFTP to modify user permissions, without Advanced Shell access. | 6.5 |
2019-05-03 | CVE-2019-6616 | Unspecified vulnerability in F5 products On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, administrative users with TMSH access can overwrite critical system files on BIG-IP which can result in bypass of whitelist / blacklist restrictions enforced by appliance mode. | 7.2 |
2019-05-03 | CVE-2019-6615 | Unspecified vulnerability in F5 products On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, Administrator and Resource Administrator roles might exploit TMSH access to bypass Appliance Mode restrictions on BIG-IP systems. | 4.9 |
2019-05-03 | CVE-2019-6614 | Unspecified vulnerability in F5 products On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, internal methods used to prevent arbitrary file overwrites in Appliance Mode were not fully effective. | 6.5 |
2019-05-03 | CVE-2019-6613 | Cleartext Transmission of Sensitive Information vulnerability in F5 products On BIG-IP 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, SNMP may expose sensitive configuration objects over insecure transmission channels. | 5.3 |
2019-05-03 | CVE-2019-6612 | Unspecified vulnerability in F5 products On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, DNS query TCP connections that are aborted before receiving a response from a DNS cache may cause TMM to restart. | 7.5 |