Search Results | AttackerKB

Show filters

Topics 217 Users 9,708

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

217 Total Results

Displaying 51-60 of 217

Attacker Value

Unknown

CVE-2019-6667

Disclosure Date: November 27, 2019 (last updated November 27, 2024)

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.5.1-11.6.5, under certain conditions, TMM may consume excessive resources when processing traffic for a Virtual Server with the FIX (Financial Information eXchange) profile applied.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2019-6671

Disclosure Date: November 27, 2019 (last updated November 27, 2024)

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, under certain conditions tmm may leak memory when processing packet fragments, leading to resource starvation.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2019-6669

Disclosure Date: November 27, 2019 (last updated November 27, 2024)

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, undisclosed traffic flow may cause TMM to restart under some circumstances.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2019-6666

Disclosure Date: November 27, 2019 (last updated November 27, 2024)

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, and 13.1.0-13.1.1.4, the TMM process may produce a core file when an upstream server or cache sends the BIG-IP an invalid age header value.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2019-6663

Disclosure Date: November 15, 2019 (last updated November 27, 2024)

The BIG-IP 15.0.0-15.0.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1 configuration utility is vulnerable to Anti DNS Pinning (DNS Rebinding) attack.

Attack Vector: Local Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2019-6659

Disclosure Date: November 15, 2019 (last updated November 27, 2024)

On version 14.0.0-14.1.0.1, BIG-IP virtual servers with TLSv1.3 enabled may experience a denial of service due to undisclosed incoming messages.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2019-6662

Disclosure Date: November 15, 2019 (last updated November 27, 2024)

On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-6664

Disclosure Date: November 15, 2019 (last updated November 27, 2024)

On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, network protections on the management port do not follow current best practices.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2019-6660

Disclosure Date: November 15, 2019 (last updated November 27, 2024)

On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2019-6657

Disclosure Date: November 01, 2019 (last updated November 27, 2024)

On BIG-IP 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the BIG-IP Configuration utility.

Attack Vector: Network Privileges: None User Interaction: Required

0