Vulnerabilities > F5 > SSL Orchestrator

DATE CVE VULNERABILITY TITLE RISK
2020-08-26 CVE-2020-5913 Improper Certificate Validation vulnerability in F5 products
In versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, the BIG-IP Client or Server SSL profile ignores revoked certificates, even when a valid CRL is present.
network
high complexity
f5 CWE-295
7.4
7.4
2020-08-26 CVE-2020-5912 Unspecified vulnerability in F5 products
In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the restjavad process's dump command does not follow current best coding practices and may overwrite arbitrary files.
local
low complexity
f5
7.1
7.1
2020-07-01 CVE-2020-5902 Path Traversal vulnerability in F5 products
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
network
low complexity
f5 CWE-22
critical
 9.8
9.8
2019-11-27 CVE-2019-6674 Unspecified vulnerability in F5 SSL Orchestrator
On F5 SSL Orchestrator 15.0.0-15.0.1 and 14.0.0-14.1.2, TMM may crash when processing SSLO data in a service-chaining configuration.
network
low complexity
f5
7.5
7.5
2019-07-03 CVE-2019-6630 Unspecified vulnerability in F5 SSL Orchestrator 14.0.0/14.1.0/14.1.0.3
On F5 SSL Orchestrator 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, undisclosed traffic flow may cause TMM to restart under certain circumstances.
network
low complexity
f5
7.5
7.5
2019-07-03 CVE-2019-6627 Race Condition vulnerability in F5 SSL Orchestrator 14.1.0/14.1.0.3
On F5 SSL Orchestrator 14.1.0-14.1.0.5, on rare occasions, specific to a certain race condition, TMM may restart when SSL Forward Proxy enforces the bypass action for an SSL Orchestrator transparent virtual server with SNAT enabled.
network
high complexity
f5 CWE-362
5.9
5.9
2017-04-06 CVE-2017-6130 Server-Side Request Forgery (SSRF) vulnerability in F5 SSL Intercept Iapp and SSL Orchestrator
F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulnerable to a Server-Side Request Forgery (SSRF) attack when deployed using the Dynamic Domain Bypass (DDB) feature feature plus SNAT Auto Map option for egress traffic.
network
low complexity
f5 CWE-918
7.4
7.4