Vulnerabilities > F5 > Traffix Signaling Delivery Controller > 5.2.0

DATE CVE VULNERABILITY TITLE RISK
2022-05-05 CVE-2022-27662 Unspecified vulnerability in F5 Traffix Signaling Delivery Controller 5.1.0/5.2.0
On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Template Injection vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute template language-specific instructions in the context of the server.
network
low complexity
f5
4.8
4.8
2022-05-05 CVE-2022-27880 Unspecified vulnerability in F5 Traffix Signaling Delivery Controller 5.1.0/5.2.0
On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user.
network
low complexity
f5
4.8
4.8
2021-11-11 CVE-2002-20001 Resource Exhaustion vulnerability in multiple products
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack.
network
low complexity
balasys siemens suse f5 hpe stormshield CWE-400
7.5
7.5