All the vulnerabilites related to f5 - big-ip_protocol_security_module
cve-2013-0150
Vulnerability from cvelistv5
Published
2013-08-09 18:00
Modified
2024-09-16 18:29
Severity ?
Summary
Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products "when APM is provisioned," allows remote attackers to upload and execute arbitrary files via a .. (dot dot) in the filename parameter.
References
https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/x_refsource_MISC
http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.htmlx_refsource_CONFIRM
http://secunia.com/advisories/53477third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:18:09.463Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.html"
          },
          {
            "name": "53477",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/53477"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products \"when APM is provisioned,\" allows remote attackers to upload and execute arbitrary files via a ..  (dot dot) in the filename parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-08-09T18:00:00Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.html"
        },
        {
          "name": "53477",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/53477"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2013-0150",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products \"when APM is provisioned,\" allows remote attackers to upload and execute arbitrary files via a ..  (dot dot) in the filename parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/",
              "refsource": "MISC",
              "url": "https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/"
            },
            {
              "name": "http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.html",
              "refsource": "CONFIRM",
              "url": "http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.html"
            },
            {
              "name": "53477",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/53477"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2013-0150",
    "datePublished": "2013-08-09T18:00:00Z",
    "dateReserved": "2012-12-06T00:00:00Z",
    "dateUpdated": "2024-09-16T18:29:34.115Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8099
Vulnerability from cvelistv5
Published
2016-05-13 16:00
Modified
2024-08-06 08:13
Severity ?
Summary
F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment.
References
http://www.securitytracker.com/id/1035873vdb-entry, x_refsource_SECTRACK
https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.htmlx_refsource_CONFIRM
http://www.securitytracker.com/id/1035874vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:13:31.089Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1035873",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035873"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html"
          },
          {
            "name": "1035874",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035874"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-05-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-05-13T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1035873",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035873"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html"
        },
        {
          "name": "1035874",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035874"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8099",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1035873",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035873"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html"
            },
            {
              "name": "1035874",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035874"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8099",
    "datePublished": "2016-05-13T16:00:00",
    "dateReserved": "2015-11-09T00:00:00",
    "dateUpdated": "2024-08-06T08:13:31.089Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-6608
Vulnerability from cvelistv5
Published
2019-03-28 20:46
Modified
2024-08-04 20:23
Severity ?
Summary
On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests.
References
https://support.f5.com/csp/article/K12139752x_refsource_MISC
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:23:22.054Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K12139752"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
          "vendor": "BIG-IP",
          "versions": [
            {
              "status": "affected",
              "version": "11.5.1-11.6.3"
            },
            {
              "status": "affected",
              "version": "12.1.0-12.1.3"
            },
            {
              "status": "affected",
              "version": "13.0.0-13.1.1.1"
            },
            {
              "status": "affected",
              "version": "14.0.0-14.0.0.2"
            }
          ]
        }
      ],
      "datePublic": "2019-03-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "DoS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-28T20:46:53",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.f5.com/csp/article/K12139752"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2019-6608",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "11.5.1-11.6.3"
                          },
                          {
                            "version_value": "12.1.0-12.1.3"
                          },
                          {
                            "version_value": "13.0.0-13.1.1.1"
                          },
                          {
                            "version_value": "14.0.0-14.0.0.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "BIG-IP"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "DoS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K12139752",
              "refsource": "MISC",
              "url": "https://support.f5.com/csp/article/K12139752"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2019-6608",
    "datePublished": "2019-03-28T20:46:53",
    "dateReserved": "2019-01-22T00:00:00",
    "dateUpdated": "2024-08-04T20:23:22.054Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-15319
Vulnerability from cvelistv5
Published
2018-10-31 14:00
Modified
2024-08-05 09:46
Severity ?
Summary
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies.
References
http://www.securityfocus.com/bid/107052vdb-entry, x_refsource_BID
https://support.f5.com/csp/article/K64208870x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:46:25.504Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "107052",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107052"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K64208870"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "14.0.0-14.0.0.2, 13.0.0-13.1.1.1, 12.1.0-12.1.3.6"
            }
          ]
        }
      ],
      "datePublic": "2018-10-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default \"normalize URI\" configuration options used in iRules and/or BIG-IP LTM policies."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "DoS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-02-18T10:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "name": "107052",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107052"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K64208870"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2018-15319",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "14.0.0-14.0.0.2, 13.0.0-13.1.1.1, 12.1.0-12.1.3.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default \"normalize URI\" configuration options used in iRules and/or BIG-IP LTM policies."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "DoS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "107052",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107052"
            },
            {
              "name": "https://support.f5.com/csp/article/K64208870",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K64208870"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2018-15319",
    "datePublished": "2018-10-31T14:00:00",
    "dateReserved": "2018-08-14T00:00:00",
    "dateUpdated": "2024-08-05T09:46:25.504Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-6128
Vulnerability from cvelistv5
Published
2017-05-01 15:00
Modified
2024-08-05 15:18
Severity ?
Summary
An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow.
References
http://www.securitytracker.com/id/1038363vdb-entry, x_refsource_SECTRACK
https://support.f5.com/csp/article/K92140924x_refsource_CONFIRM
http://www.securitytracker.com/id/1038362vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
F5 Networks, Inc. Enterprise Manager Version: varies depending on product - see https://support.f5.com/csp/article/K92140924 for table
F5 Networks, Inc. BIG-IQ Cloud, Device, Security, ADC, Centralized Management, Cloud and Orchestration Version: varies depending on product - see https://support.f5.com/csp/article/K92140924 for table
F5 Networks, Inc. iWorkflow Version: varies depending on product - see https://support.f5.com/csp/article/K92140924 for table
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:18:49.772Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1038363",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038363"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K92140924"
          },
          {
            "name": "1038362",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038362"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WebSafe",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "varies depending on product - see https://support.f5.com/csp/article/K92140924 for table"
            }
          ]
        },
        {
          "product": "Enterprise Manager",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "varies depending on product - see https://support.f5.com/csp/article/K92140924 for table"
            }
          ]
        },
        {
          "product": "BIG-IQ Cloud, Device, Security, ADC, Centralized Management, Cloud and Orchestration",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "varies depending on product - see https://support.f5.com/csp/article/K92140924 for table"
            }
          ]
        },
        {
          "product": "iWorkflow",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "varies depending on product - see https://support.f5.com/csp/article/K92140924 for table"
            }
          ]
        }
      ],
      "datePublic": "2017-04-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "sshd is vulnerable to DoS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T09:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "name": "1038363",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038363"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K92140924"
        },
        {
          "name": "1038362",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038362"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2017-6128",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WebSafe",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "varies depending on product - see https://support.f5.com/csp/article/K92140924 for table"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Enterprise Manager",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "varies depending on product - see https://support.f5.com/csp/article/K92140924 for table"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "BIG-IQ Cloud, Device, Security, ADC, Centralized Management, Cloud and Orchestration",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "varies depending on product - see https://support.f5.com/csp/article/K92140924 for table"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "iWorkflow",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "varies depending on product - see https://support.f5.com/csp/article/K92140924 for table"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "sshd is vulnerable to DoS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1038363",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038363"
            },
            {
              "name": "https://support.f5.com/csp/article/K92140924",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K92140924"
            },
            {
              "name": "1038362",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038362"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2017-6128",
    "datePublished": "2017-05-01T15:00:00",
    "dateReserved": "2017-02-21T00:00:00",
    "dateUpdated": "2024-08-05T15:18:49.772Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5023
Vulnerability from cvelistv5
Published
2016-08-26 14:00
Modified
2024-08-06 00:46
Severity ?
Summary
Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic.
References
http://www.securitytracker.com/id/1036624vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/92670vdb-entry, x_refsource_BID
https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.htmlx_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:46:40.242Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1036624",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036624"
          },
          {
            "name": "92670",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/92670"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1036624",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036624"
        },
        {
          "name": "92670",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/92670"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5023",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1036624",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036624"
            },
            {
              "name": "92670",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/92670"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5023",
    "datePublished": "2016-08-26T14:00:00",
    "dateReserved": "2016-05-24T00:00:00",
    "dateUpdated": "2024-08-06T00:46:40.242Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-2084
Vulnerability from cvelistv5
Published
2016-04-13 16:00
Modified
2024-08-05 23:17
Severity ?
Summary
F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, and 11.6.0 before build 6.204.442; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 build 685-HF10; BIG-IQ Cloud, Device, and Security 4.2.0 through 4.5.0; and BIG-IQ ADC 4.5.0 do not properly regenerate certificates and keys when deploying cloud images in Amazon Web Services (AWS), Azure or Verizon cloud services environments, which allows attackers to obtain sensitive information or cause a denial of service (disruption) by leveraging a target instance configuration.
References
http://www.securitytracker.com/id/1035520vdb-entry, x_refsource_SECTRACK
https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.htmlx_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:17:50.544Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1035520",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035520"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-04-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, and 11.6.0 before build 6.204.442; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 build 685-HF10; BIG-IQ Cloud, Device, and Security 4.2.0 through 4.5.0; and BIG-IQ ADC 4.5.0 do not properly regenerate certificates and keys when deploying cloud images in Amazon Web Services (AWS), Azure or Verizon cloud services environments, which allows attackers to obtain sensitive information or cause a denial of service (disruption) by leveraging a target instance configuration."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-04-13T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1035520",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035520"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-2084",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, and 11.6.0 before build 6.204.442; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 build 685-HF10; BIG-IQ Cloud, Device, and Security 4.2.0 through 4.5.0; and BIG-IQ ADC 4.5.0 do not properly regenerate certificates and keys when deploying cloud images in Amazon Web Services (AWS), Azure or Verizon cloud services environments, which allows attackers to obtain sensitive information or cause a denial of service (disruption) by leveraging a target instance configuration."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1035520",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035520"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-2084",
    "datePublished": "2016-04-13T16:00:00",
    "dateReserved": "2016-01-27T00:00:00",
    "dateUpdated": "2024-08-05T23:17:50.544Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7475
Vulnerability from cvelistv5
Published
2018-10-08 19:00
Modified
2024-09-17 01:15
Severity ?
Summary
Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or 11.4.0-11.5.4 HF1, the Traffic Management Microkernel (TMM) may not properly clean-up pool member network connections when using SPDY or HTTP/2 virtual server profiles.
References
https://support.f5.com/csp/article/K01587042x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.670Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K01587042"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "12.0.0-12.1.0, 11.6.0-11.6.1, 11.4.0-11.5.4 HF1"
            }
          ]
        }
      ],
      "datePublic": "2017-03-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or 11.4.0-11.5.4 HF1, the Traffic Management Microkernel (TMM) may not properly clean-up pool member network connections when using SPDY or HTTP/2 virtual server profiles."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "DoS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-08T18:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K01587042"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "DATE_PUBLIC": "2017-03-15T00:00:00",
          "ID": "CVE-2016-7475",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "12.0.0-12.1.0, 11.6.0-11.6.1, 11.4.0-11.5.4 HF1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or 11.4.0-11.5.4 HF1, the Traffic Management Microkernel (TMM) may not properly clean-up pool member network connections when using SPDY or HTTP/2 virtual server profiles."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "DoS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K01587042",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K01587042"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2016-7475",
    "datePublished": "2018-10-08T19:00:00Z",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-09-17T01:15:55.297Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-3163
Vulnerability from cvelistv5
Published
2012-10-17 00:00
Modified
2024-08-06 19:57
Severity ?
Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
References
http://secunia.com/advisories/51177third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/56509third-party-advisory, x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2012-1462.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/53372third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-201308-06.xmlvendor-advisory, x_refsource_GENTOO
http://www.debian.org/security/2012/dsa-2581vendor-advisory, x_refsource_DEBIAN
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.htmlx_refsource_CONFIRM
http://secunia.com/advisories/51309third-party-advisory, x_refsource_SECUNIA
http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.htmlx_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/79381vdb-entry, x_refsource_XF
http://www.ubuntu.com/usn/USN-1621-1vendor-advisory, x_refsource_UBUNTU
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/56513third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:57:49.804Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "51177",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51177"
          },
          {
            "name": "56509",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56509"
          },
          {
            "name": "RHSA-2012:1462",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1462.html"
          },
          {
            "name": "53372",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/53372"
          },
          {
            "name": "GLSA-201308-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
          },
          {
            "name": "DSA-2581",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2581"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
          },
          {
            "name": "51309",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51309"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html"
          },
          {
            "name": "mysqlserver-informationschema-cve20123163(79381)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79381"
          },
          {
            "name": "USN-1621-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1621-1"
          },
          {
            "name": "MDVSA-2013:150",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
          },
          {
            "name": "56513",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56513"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-10-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "51177",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51177"
        },
        {
          "name": "56509",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56509"
        },
        {
          "name": "RHSA-2012:1462",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1462.html"
        },
        {
          "name": "53372",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/53372"
        },
        {
          "name": "GLSA-201308-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
        },
        {
          "name": "DSA-2581",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2581"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
        },
        {
          "name": "51309",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51309"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html"
        },
        {
          "name": "mysqlserver-informationschema-cve20123163(79381)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79381"
        },
        {
          "name": "USN-1621-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1621-1"
        },
        {
          "name": "MDVSA-2013:150",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
        },
        {
          "name": "56513",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56513"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2012-3163",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "51177",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51177"
            },
            {
              "name": "56509",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56509"
            },
            {
              "name": "RHSA-2012:1462",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1462.html"
            },
            {
              "name": "53372",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/53372"
            },
            {
              "name": "GLSA-201308-06",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
            },
            {
              "name": "DSA-2581",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2581"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
            },
            {
              "name": "51309",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51309"
            },
            {
              "name": "http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html",
              "refsource": "CONFIRM",
              "url": "http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html"
            },
            {
              "name": "mysqlserver-informationschema-cve20123163(79381)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79381"
            },
            {
              "name": "USN-1621-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1621-1"
            },
            {
              "name": "MDVSA-2013:150",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
            },
            {
              "name": "56513",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56513"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2012-3163",
    "datePublished": "2012-10-17T00:00:00",
    "dateReserved": "2012-06-06T00:00:00",
    "dateUpdated": "2024-08-06T19:57:49.804Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-4027
Vulnerability from cvelistv5
Published
2014-06-23 10:00
Modified
2024-08-06 11:04
Severity ?
Summary
The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.
References
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/59134third-party-advisory, x_refsource_SECUNIA
https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.htmlx_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1108744x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-2335-1vendor-advisory, x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2334-1vendor-advisory, x_refsource_UBUNTU
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dcx_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/60564third-party-advisory, x_refsource_SECUNIA
https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dcx_refsource_CONFIRM
http://secunia.com/advisories/59777third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61310third-party-advisory, x_refsource_SECUNIA
http://www.openwall.com/lists/oss-security/2014/06/11/1mailing-list, x_refsource_MLIST
http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618mailing-list, x_refsource_MLIST
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:04:27.539Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2014:1316",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html"
          },
          {
            "name": "59134",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59134"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1108744"
          },
          {
            "name": "USN-2335-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2335-1"
          },
          {
            "name": "USN-2334-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2334-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
          },
          {
            "name": "SUSE-SU-2014:1319",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html"
          },
          {
            "name": "60564",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60564"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
          },
          {
            "name": "59777",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59777"
          },
          {
            "name": "61310",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61310"
          },
          {
            "name": "[oss-security] 20140611 Re: CVE request: Linux kernel / target information leak",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/06/11/1"
          },
          {
            "name": "[target-devel] 20140616 [PATCH] target: Explicitly clear ramdisk_mcp backend pages",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-06-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-05T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SU-2014:1316",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html"
        },
        {
          "name": "59134",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59134"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1108744"
        },
        {
          "name": "USN-2335-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2335-1"
        },
        {
          "name": "USN-2334-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2334-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
        },
        {
          "name": "SUSE-SU-2014:1319",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html"
        },
        {
          "name": "60564",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60564"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
        },
        {
          "name": "59777",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59777"
        },
        {
          "name": "61310",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61310"
        },
        {
          "name": "[oss-security] 20140611 Re: CVE request: Linux kernel / target information leak",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/06/11/1"
        },
        {
          "name": "[target-devel] 20140616 [PATCH] target: Explicitly clear ramdisk_mcp backend pages",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-4027",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2014:1316",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html"
            },
            {
              "name": "59134",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59134"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1108744",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1108744"
            },
            {
              "name": "USN-2335-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2335-1"
            },
            {
              "name": "USN-2334-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2334-1"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
            },
            {
              "name": "SUSE-SU-2014:1319",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html"
            },
            {
              "name": "60564",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60564"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
            },
            {
              "name": "59777",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59777"
            },
            {
              "name": "61310",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61310"
            },
            {
              "name": "[oss-security] 20140611 Re: CVE request: Linux kernel / target information leak",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/06/11/1"
            },
            {
              "name": "[target-devel] 20140616 [PATCH] target: Explicitly clear ramdisk_mcp backend pages",
              "refsource": "MLIST",
              "url": "http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-4027",
    "datePublished": "2014-06-23T10:00:00",
    "dateReserved": "2014-06-11T00:00:00",
    "dateUpdated": "2024-08-06T11:04:27.539Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-6016
Vulnerability from cvelistv5
Published
2013-10-26 17:00
Modified
2024-08-06 17:29
Severity ?
Summary
The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, and WOM 10.0.0 through 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.4.1; and WebAccelerator 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.3.0 might change a TCP connection to the ESTABLISHED state before receiving the ACK packet, which allows remote attackers to cause a denial of service (SIGFPE or assertion failure and TMM restart) via unspecified vectors.
References
http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.htmlx_refsource_CONFIRM
http://secunia.com/advisories/55378third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id/1029220vdb-entry, x_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/88166vdb-entry, x_refsource_XF
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:29:42.952Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.html"
          },
          {
            "name": "55378",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55378"
          },
          {
            "name": "1029220",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1029220"
          },
          {
            "name": "f5-cve20136016-dos(88166)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88166"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-10-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, and WOM 10.0.0 through 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.4.1; and WebAccelerator 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.3.0 might change a TCP connection to the ESTABLISHED state before receiving the ACK packet, which allows remote attackers to cause a denial of service (SIGFPE or assertion failure and TMM restart) via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.html"
        },
        {
          "name": "55378",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55378"
        },
        {
          "name": "1029220",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1029220"
        },
        {
          "name": "f5-cve20136016-dos(88166)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88166"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2013-6016",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, and WOM 10.0.0 through 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.4.1; and WebAccelerator 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.3.0 might change a TCP connection to the ESTABLISHED state before receiving the ACK packet, which allows remote attackers to cause a denial of service (SIGFPE or assertion failure and TMM restart) via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.html",
              "refsource": "CONFIRM",
              "url": "http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.html"
            },
            {
              "name": "55378",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55378"
            },
            {
              "name": "1029220",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1029220"
            },
            {
              "name": "f5-cve20136016-dos(88166)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88166"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2013-6016",
    "datePublished": "2013-10-26T17:00:00",
    "dateReserved": "2013-10-04T00:00:00",
    "dateUpdated": "2024-08-06T17:29:42.952Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-8730
Vulnerability from cvelistv5
Published
2014-12-10 00:00
Modified
2024-08-06 13:26
Severity ?
Summary
The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself.
References
http://secunia.com/advisories/62167third-party-advisory, x_refsource_SECUNIA
http://www.openwall.com/lists/oss-security/2014/12/09/27mailing-list, x_refsource_MLIST
http://marc.info/?l=bugtraq&m=144372772101168&w=2vendor-advisory, x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=swg21693495x_refsource_CONFIRM
https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151x_refsource_CONFIRM
http://secunia.com/advisories/62224third-party-advisory, x_refsource_SECUNIA
https://support.lenovo.com/us/en/product_security/poodlex_refsource_CONFIRM
https://www.imperialviolet.org/2014/12/08/poodleagain.htmlx_refsource_MISC
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21693271x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21693337x_refsource_CONFIRM
http://secunia.com/advisories/62388third-party-advisory, x_refsource_SECUNIA
https://support.lenovo.com/product_security/poodlex_refsource_CONFIRM
https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.htmlx_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:26:02.525Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "62167",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62167"
          },
          {
            "name": "[oss-security] 20141209 Re: CVE question: Return of POODLE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/09/27"
          },
          {
            "name": "HPSBPV03516",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144372772101168\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693495"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151"
          },
          {
            "name": "62224",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62224"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/poodle"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.imperialviolet.org/2014/12/08/poodleagain.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693271"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693337"
          },
          {
            "name": "62388",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62388"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/product_security/poodle"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).  NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-30T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "62167",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62167"
        },
        {
          "name": "[oss-security] 20141209 Re: CVE question: Return of POODLE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/09/27"
        },
        {
          "name": "HPSBPV03516",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144372772101168\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693495"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151"
        },
        {
          "name": "62224",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62224"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/poodle"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.imperialviolet.org/2014/12/08/poodleagain.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693271"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693337"
        },
        {
          "name": "62388",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62388"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/product_security/poodle"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-8730",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).  NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "62167",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62167"
            },
            {
              "name": "[oss-security] 20141209 Re: CVE question: Return of POODLE",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/09/27"
            },
            {
              "name": "HPSBPV03516",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=144372772101168\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21693495",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693495"
            },
            {
              "name": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151",
              "refsource": "CONFIRM",
              "url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151"
            },
            {
              "name": "62224",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62224"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/poodle",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/poodle"
            },
            {
              "name": "https://www.imperialviolet.org/2014/12/08/poodleagain.html",
              "refsource": "MISC",
              "url": "https://www.imperialviolet.org/2014/12/08/poodleagain.html"
            },
            {
              "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635",
              "refsource": "CONFIRM",
              "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21693271",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693271"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21693337",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693337"
            },
            {
              "name": "62388",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62388"
            },
            {
              "name": "https://support.lenovo.com/product_security/poodle",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/product_security/poodle"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-8730",
    "datePublished": "2014-12-10T00:00:00",
    "dateReserved": "2014-11-10T00:00:00",
    "dateUpdated": "2024-08-06T13:26:02.525Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-9250
Vulnerability from cvelistv5
Published
2017-05-10 14:00
Modified
2024-08-06 02:42
Severity ?
Summary
In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, an unauthenticated user with access to the control plane may be able to delete arbitrary files through an undisclosed mechanism.
References
https://support.f5.com/csp/article/K55792317x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:42:11.205Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K55792317"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "11.2.1"
            },
            {
              "status": "affected",
              "version": "11.4.0-11.6.1"
            },
            {
              "status": "affected",
              "version": "12.0.0-12.1.2"
            }
          ]
        }
      ],
      "datePublic": "2017-05-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, an unauthenticated user with access to the control plane may be able to delete arbitrary files through an undisclosed mechanism."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Arbitrary File Deletion via Undisclosed Mechanism",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-05-10T12:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K55792317"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2016-9250",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "11.2.1"
                          },
                          {
                            "version_value": "11.4.0-11.6.1"
                          },
                          {
                            "version_value": "12.0.0-12.1.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, an unauthenticated user with access to the control plane may be able to delete arbitrary files through an undisclosed mechanism."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Arbitrary File Deletion via Undisclosed Mechanism"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K55792317",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K55792317"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2016-9250",
    "datePublished": "2017-05-10T14:00:00",
    "dateReserved": "2016-11-09T00:00:00",
    "dateUpdated": "2024-08-06T02:42:11.205Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-6604
Vulnerability from cvelistv5
Published
2019-03-28 20:28
Modified
2024-08-04 20:23
Severity ?
Summary
On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge.
References
https://support.f5.com/csp/article/K26455071x_refsource_MISC
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:23:22.056Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K26455071"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
          "vendor": "BIG-IP",
          "versions": [
            {
              "status": "affected",
              "version": "11.5.1-11.5.8"
            },
            {
              "status": "affected",
              "version": "11.6.1-11.6.3.4"
            },
            {
              "status": "affected",
              "version": "12.1.0-12.1.3.6"
            },
            {
              "status": "affected",
              "version": "13.0.0-13.1.1.1"
            },
            {
              "status": "affected",
              "version": "14.0.0-14.0.0.2"
            }
          ]
        }
      ],
      "datePublic": "2019-03-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "DoS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-28T20:28:52",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.f5.com/csp/article/K26455071"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2019-6604",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "11.5.1-11.5.8"
                          },
                          {
                            "version_value": "11.6.1-11.6.3.4"
                          },
                          {
                            "version_value": "12.1.0-12.1.3.6"
                          },
                          {
                            "version_value": "13.0.0-13.1.1.1"
                          },
                          {
                            "version_value": "14.0.0-14.0.0.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "BIG-IP"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "DoS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K26455071",
              "refsource": "MISC",
              "url": "https://support.f5.com/csp/article/K26455071"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2019-6604",
    "datePublished": "2019-03-28T20:28:52",
    "dateReserved": "2019-01-22T00:00:00",
    "dateUpdated": "2024-08-04T20:23:22.056Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-6271
Vulnerability from cvelistv5
Published
2014-09-24 18:00
Modified
2024-08-06 12:10
Severity ?
Summary
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
References
https://www.exploit-db.com/exploits/37816/exploit, x_refsource_EXPLOIT-DB
http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.htmlx_refsource_MISC
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.htmlvendor-advisory, x_refsource_SUSE
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21685749x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141577137423233&w=2vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=142719845423222&w=2vendor-advisory, x_refsource_HP
https://www.exploit-db.com/exploits/39918/exploit, x_refsource_EXPLOIT-DB
http://marc.info/?l=bugtraq&m=141216668515282&w=2vendor-advisory, x_refsource_HP
http://rhn.redhat.com/errata/RHSA-2014-1295.htmlvendor-advisory, x_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.htmlvendor-advisory, x_refsource_SUSE
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/x_refsource_CONFIRM
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlertsx_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141383138121313&w=2vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=142721162228379&w=2vendor-advisory, x_refsource_HP
http://www.securityfocus.com/archive/1/533593/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://marc.info/?l=bugtraq&m=142358026505815&w=2vendor-advisory, x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=swg21686084x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21686479x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=142719845423222&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61188third-party-advisory, x_refsource_SECUNIA
http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0x_refsource_CONFIRM
http://jvn.jp/en/jp/JVN55667175/index.htmlthird-party-advisory, x_refsource_JVN
http://secunia.com/advisories/61676third-party-advisory, x_refsource_SECUNIA
https://www.exploit-db.com/exploits/40619/exploit, x_refsource_EXPLOIT-DB
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/60433third-party-advisory, x_refsource_SECUNIA
https://www.exploit-db.com/exploits/38849/exploit, x_refsource_EXPLOIT-DB
http://marc.info/?l=bugtraq&m=141383026420882&w=2vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=141585637922673&w=2vendor-advisory, x_refsource_HP
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.htmlvendor-advisory, x_refsource_SUSE
http://marc.info/?l=bugtraq&m=141576728022234&w=2vendor-advisory, x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=swg21685541x_refsource_CONFIRM
http://secunia.com/advisories/61715third-party-advisory, x_refsource_SECUNIA
http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.htmlx_refsource_CONFIRM
http://secunia.com/advisories/61816third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/61442third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=142358078406056&w=2vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=142805027510172&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61283third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=142113462216480&w=2vendor-advisory, x_refsource_HP
http://www.ubuntu.com/usn/USN-2362-1vendor-advisory, x_refsource_UBUNTU
https://kc.mcafee.com/corporate/index?page=content&id=SB10085x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/61654third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61542third-party-advisory, x_refsource_SECUNIA
http://www.novell.com/support/kb/doc.php?id=7015701x_refsource_CONFIRM
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315x_refsource_CONFIRM
http://secunia.com/advisories/62312third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59272third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=141319209015420&w=2vendor-advisory, x_refsource_HP
https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.htmlx_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141879528318582&w=2vendor-advisory, x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=swg21685604x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=142118135300698&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61703third-party-advisory, x_refsource_SECUNIA
http://support.apple.com/kb/HT6495x_refsource_CONFIRM
http://www.kb.cert.org/vuls/id/252743third-party-advisory, x_refsource_CERT-VN
http://secunia.com/advisories/61065third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.htmlvendor-advisory, x_refsource_SUSE
http://marc.info/?l=bugtraq&m=141383196021590&w=2vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=141383081521087&w=2vendor-advisory, x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=swg21686445x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21686131x_refsource_CONFIRM
http://www.securityfocus.com/bid/70103vdb-entry, x_refsource_BID
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126third-party-advisory, x_refsource_JVNDB
http://marc.info/?l=bugtraq&m=141879528318582&w=2vendor-advisory, x_refsource_HP
http://www.us-cert.gov/ncas/alerts/TA14-268Athird-party-advisory, x_refsource_CERT
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/61641third-party-advisory, x_refsource_SECUNIA
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648x_refsource_CONFIRM
https://access.redhat.com/node/1200223x_refsource_CONFIRM
http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.htmlx_refsource_MISC
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.htmlvendor-advisory, x_refsource_SUSE
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898x_refsource_CONFIRM
http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.htmlvendor-advisory, x_refsource_APPLE
http://www-01.ibm.com/support/docview.wss?uid=swg21685914x_refsource_CONFIRM
http://seclists.org/fulldisclosure/2014/Oct/0mailing-list, x_refsource_FULLDISC
http://www.mandriva.com/security/advisories?name=MDVSA-2015:164vendor-advisory, x_refsource_MANDRIVA
http://rhn.redhat.com/errata/RHSA-2014-1293.htmlvendor-advisory, x_refsource_REDHAT
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.htmlvendor-advisory, x_refsource_SUSE
http://marc.info/?l=bugtraq&m=142721162228379&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/60325third-party-advisory, x_refsource_SECUNIA
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixesx_refsource_CONFIRM
http://secunia.com/advisories/60024third-party-advisory, x_refsource_SECUNIA
http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.htmlx_refsource_MISC
https://www.exploit-db.com/exploits/34879/exploit, x_refsource_EXPLOIT-DB
https://access.redhat.com/articles/1200223x_refsource_CONFIRM
http://secunia.com/advisories/62343third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61565third-party-advisory, x_refsource_SECUNIA
https://www.suse.com/support/shellshock/x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141450491804793&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61313third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=142358026505815&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61873third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61485third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/60947third-party-advisory, x_refsource_SECUNIA
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183x_refsource_CONFIRM
https://support.apple.com/kb/HT6535x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141577297623641&w=2vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=142546741516006&w=2vendor-advisory, x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141383244821813&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61312third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/60193third-party-advisory, x_refsource_SECUNIA
http://www.vmware.com/security/advisories/VMSA-2014-0010.htmlx_refsource_CONFIRM
http://linux.oracle.com/errata/ELSA-2014-1294.htmlx_refsource_CONFIRM
http://secunia.com/advisories/60063third-party-advisory, x_refsource_SECUNIA
http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.htmlx_refsource_MISC
http://secunia.com/advisories/60034third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=141330425327438&w=2vendor-advisory, x_refsource_HP
http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.htmlx_refsource_MISC
http://secunia.com/advisories/59907third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/58200third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=141577241923505&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61643third-party-advisory, x_refsource_SECUNIA
http://www.novell.com/support/kb/doc.php?id=7015721x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21687079x_refsource_CONFIRM
http://secunia.com/advisories/61503third-party-advisory, x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21686246x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2014-1354.htmlvendor-advisory, x_refsource_REDHAT
https://www.exploit-db.com/exploits/40938/exploit, x_refsource_EXPLOIT-DB
http://marc.info/?l=bugtraq&m=141216207813411&w=2vendor-advisory, x_refsource_HP
http://support.novell.com/security/cve/CVE-2014-6271.htmlx_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915x_refsource_CONFIRM
http://secunia.com/advisories/61547third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=141383465822787&w=2vendor-advisory, x_refsource_HP
http://www.qnap.com/i/en/support/con_show.php?cid=61x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141694386919794&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61552third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61780third-party-advisory, x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279x_refsource_CONFIRM
https://support.citrix.com/article/CTX200223x_refsource_CONFIRM
http://www.debian.org/security/2014/dsa-3032vendor-advisory, x_refsource_DEBIAN
http://www-01.ibm.com/support/docview.wss?uid=swg21686447x_refsource_CONFIRM
http://secunia.com/advisories/62228third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=141330468527613&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61855third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=141235957116749&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/60044third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61291third-party-advisory, x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2014-1294.htmlvendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=141345648114150&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/59737third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61287third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=141383353622268&w=2vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=142118135300698&w=2vendor-advisory, x_refsource_HP
https://bugzilla.redhat.com/show_bug.cgi?id=1141597x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=142118135300698&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61711third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=142113462216480&w=2vendor-advisory, x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141383304022067&w=2vendor-advisory, x_refsource_HP
http://advisories.mageia.org/MGASA-2014-0388.htmlx_refsource_CONFIRM
http://secunia.com/advisories/61128third-party-advisory, x_refsource_SECUNIA
https://support.citrix.com/article/CTX200217x_refsource_CONFIRM
http://secunia.com/advisories/61471third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/60055third-party-advisory, x_refsource_SECUNIA
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bashvendor-advisory, x_refsource_CISCO
http://secunia.com/advisories/61550third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61633third-party-advisory, x_refsource_SECUNIA
http://linux.oracle.com/errata/ELSA-2014-1293.htmlx_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21686494x_refsource_CONFIRM
https://kb.bluecoat.com/index?page=content&id=SA82x_refsource_CONFIRM
http://secunia.com/advisories/61328third-party-advisory, x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21685733x_refsource_CONFIRM
https://www.exploit-db.com/exploits/42938/exploit, x_refsource_EXPLOIT-DB
http://secunia.com/advisories/61129third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61700third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61603third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61857third-party-advisory, x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879x_refsource_CONFIRM
http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.htmlx_refsource_MISC
https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006x_refsource_MISC
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:10:13.276Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "37816",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/37816/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
          },
          {
            "name": "SUSE-SU-2014:1223",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
          },
          {
            "name": "HPSBMU03165",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
          },
          {
            "name": "SSRT101816",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
          },
          {
            "name": "39918",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39918/"
          },
          {
            "name": "HPSBHF03119",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
          },
          {
            "name": "RHSA-2014:1295",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
          },
          {
            "name": "openSUSE-SU-2014:1226",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
          },
          {
            "name": "HPSBST03131",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
          },
          {
            "name": "SSRT101819",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
          },
          {
            "name": "HPSBMU03245",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
          },
          {
            "name": "HPSBST03196",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
          },
          {
            "name": "61188",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61188"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
          },
          {
            "name": "JVN#55667175",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
          },
          {
            "name": "61676",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61676"
          },
          {
            "name": "40619",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/40619/"
          },
          {
            "name": "openSUSE-SU-2014:1254",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
          },
          {
            "name": "60433",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60433"
          },
          {
            "name": "38849",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/38849/"
          },
          {
            "name": "HPSBMU03143",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
          },
          {
            "name": "HPSBMU03182",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
          },
          {
            "name": "SUSE-SU-2014:1260",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
          },
          {
            "name": "HPSBST03155",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
          },
          {
            "name": "61715",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61715"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
          },
          {
            "name": "61816",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61816"
          },
          {
            "name": "openSUSE-SU-2014:1310",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
          },
          {
            "name": "61442",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61442"
          },
          {
            "name": "HPSBMU03246",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
          },
          {
            "name": "HPSBST03195",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
          },
          {
            "name": "61283",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61283"
          },
          {
            "name": "SSRT101711",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
          },
          {
            "name": "USN-2362-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2362-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
          },
          {
            "name": "openSUSE-SU-2014:1308",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
          },
          {
            "name": "61654",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61654"
          },
          {
            "name": "61542",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61542"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
          },
          {
            "name": "62312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62312"
          },
          {
            "name": "59272",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59272"
          },
          {
            "name": "HPSBST03122",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
          },
          {
            "name": "HPSBMU03217",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
          },
          {
            "name": "SSRT101868",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "61703",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61703"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6495"
          },
          {
            "name": "VU#252743",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/252743"
          },
          {
            "name": "61065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61065"
          },
          {
            "name": "SUSE-SU-2014:1213",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
          },
          {
            "name": "HPSBST03129",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
          },
          {
            "name": "HPSBMU03144",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
          },
          {
            "name": "70103",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70103"
          },
          {
            "name": "JVNDB-2014-000126",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
          },
          {
            "name": "SSRT101827",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "name": "TA14-268A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
          },
          {
            "name": "SUSE-SU-2014:1212",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
          },
          {
            "name": "61641",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61641"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/node/1200223"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
          },
          {
            "name": "SUSE-SU-2014:1287",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
          },
          {
            "name": "APPLE-SA-2014-10-16-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
          },
          {
            "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
          },
          {
            "name": "MDVSA-2015:164",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
          },
          {
            "name": "RHSA-2014:1293",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
          },
          {
            "name": "openSUSE-SU-2014:1238",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
          },
          {
            "name": "HPSBMU03220",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "60325",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60325"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
          },
          {
            "name": "60024",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60024"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
          },
          {
            "name": "34879",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/34879/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/articles/1200223"
          },
          {
            "name": "62343",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62343"
          },
          {
            "name": "61565",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61565"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.suse.com/support/shellshock/"
          },
          {
            "name": "HPSBST03157",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
          },
          {
            "name": "61313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61313"
          },
          {
            "name": "SSRT101742",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "name": "61873",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61873"
          },
          {
            "name": "61485",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61485"
          },
          {
            "name": "60947",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60947"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT6535"
          },
          {
            "name": "HPSBST03154",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
          },
          {
            "name": "HPSBST03265",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
          },
          {
            "name": "HPSBGN03142",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
          },
          {
            "name": "61312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61312"
          },
          {
            "name": "60193",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60193"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
          },
          {
            "name": "60063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60063"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
          },
          {
            "name": "60034",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60034"
          },
          {
            "name": "HPSBMU03133",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
          },
          {
            "name": "59907",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59907"
          },
          {
            "name": "58200",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58200"
          },
          {
            "name": "HPSBST03181",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
          },
          {
            "name": "61643",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61643"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
          },
          {
            "name": "61503",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61503"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
          },
          {
            "name": "RHSA-2014:1354",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
          },
          {
            "name": "40938",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/40938/"
          },
          {
            "name": "HPSBGN03117",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
          },
          {
            "name": "61547",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61547"
          },
          {
            "name": "HPSBHF03145",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
          },
          {
            "name": "HPSBST03148",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
          },
          {
            "name": "61552",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61552"
          },
          {
            "name": "61780",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61780"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200223"
          },
          {
            "name": "DSA-3032",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-3032"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
          },
          {
            "name": "62228",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62228"
          },
          {
            "name": "HPSBGN03138",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
          },
          {
            "name": "61855",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61855"
          },
          {
            "name": "HPSBHF03124",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
          },
          {
            "name": "60044",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60044"
          },
          {
            "name": "61291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61291"
          },
          {
            "name": "RHSA-2014:1294",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
          },
          {
            "name": "HPSBHF03125",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
          },
          {
            "name": "59737",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59737"
          },
          {
            "name": "61287",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61287"
          },
          {
            "name": "HPSBHF03146",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
          },
          {
            "name": "HPSBGN03233",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
          },
          {
            "name": "SSRT101739",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "61711",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61711"
          },
          {
            "name": "HPSBOV03228",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
          },
          {
            "name": "HPSBGN03141",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://advisories.mageia.org/MGASA-2014-0388.html"
          },
          {
            "name": "61128",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61128"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200217"
          },
          {
            "name": "61471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61471"
          },
          {
            "name": "60055",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60055"
          },
          {
            "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
          },
          {
            "name": "61550",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61550"
          },
          {
            "name": "61633",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61633"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
          },
          {
            "name": "61328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
          },
          {
            "name": "42938",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/42938/"
          },
          {
            "name": "61129",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61129"
          },
          {
            "name": "61700",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61700"
          },
          {
            "name": "61603",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61603"
          },
          {
            "name": "61857",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61857"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\"  NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-05T16:37:05",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "37816",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/37816/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
        },
        {
          "name": "SUSE-SU-2014:1223",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
        },
        {
          "name": "HPSBMU03165",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
        },
        {
          "name": "SSRT101816",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
        },
        {
          "name": "39918",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39918/"
        },
        {
          "name": "HPSBHF03119",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
        },
        {
          "name": "RHSA-2014:1295",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
        },
        {
          "name": "openSUSE-SU-2014:1226",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
        },
        {
          "name": "HPSBST03131",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
        },
        {
          "name": "SSRT101819",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
        },
        {
          "name": "HPSBMU03245",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
        },
        {
          "name": "HPSBST03196",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
        },
        {
          "name": "61188",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61188"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
        },
        {
          "name": "JVN#55667175",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
        },
        {
          "name": "61676",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61676"
        },
        {
          "name": "40619",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/40619/"
        },
        {
          "name": "openSUSE-SU-2014:1254",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
        },
        {
          "name": "60433",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60433"
        },
        {
          "name": "38849",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/38849/"
        },
        {
          "name": "HPSBMU03143",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
        },
        {
          "name": "HPSBMU03182",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
        },
        {
          "name": "SUSE-SU-2014:1260",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
        },
        {
          "name": "HPSBST03155",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
        },
        {
          "name": "61715",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61715"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
        },
        {
          "name": "61816",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61816"
        },
        {
          "name": "openSUSE-SU-2014:1310",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
        },
        {
          "name": "61442",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61442"
        },
        {
          "name": "HPSBMU03246",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
        },
        {
          "name": "HPSBST03195",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
        },
        {
          "name": "61283",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61283"
        },
        {
          "name": "SSRT101711",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
        },
        {
          "name": "USN-2362-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2362-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
        },
        {
          "name": "openSUSE-SU-2014:1308",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
        },
        {
          "name": "61654",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61654"
        },
        {
          "name": "61542",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61542"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
        },
        {
          "name": "62312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62312"
        },
        {
          "name": "59272",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59272"
        },
        {
          "name": "HPSBST03122",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
        },
        {
          "name": "HPSBMU03217",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
        },
        {
          "name": "SSRT101868",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "61703",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61703"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6495"
        },
        {
          "name": "VU#252743",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/252743"
        },
        {
          "name": "61065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61065"
        },
        {
          "name": "SUSE-SU-2014:1213",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
        },
        {
          "name": "HPSBST03129",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
        },
        {
          "name": "HPSBMU03144",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
        },
        {
          "name": "70103",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70103"
        },
        {
          "name": "JVNDB-2014-000126",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
        },
        {
          "name": "SSRT101827",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "name": "TA14-268A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
        },
        {
          "name": "SUSE-SU-2014:1212",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
        },
        {
          "name": "61641",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61641"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/node/1200223"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
        },
        {
          "name": "SUSE-SU-2014:1287",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
        },
        {
          "name": "APPLE-SA-2014-10-16-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
        },
        {
          "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
        },
        {
          "name": "MDVSA-2015:164",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
        },
        {
          "name": "RHSA-2014:1293",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
        },
        {
          "name": "openSUSE-SU-2014:1238",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
        },
        {
          "name": "HPSBMU03220",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "60325",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60325"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
        },
        {
          "name": "60024",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60024"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
        },
        {
          "name": "34879",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/34879/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/articles/1200223"
        },
        {
          "name": "62343",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62343"
        },
        {
          "name": "61565",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61565"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.suse.com/support/shellshock/"
        },
        {
          "name": "HPSBST03157",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
        },
        {
          "name": "61313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61313"
        },
        {
          "name": "SSRT101742",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "name": "61873",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61873"
        },
        {
          "name": "61485",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61485"
        },
        {
          "name": "60947",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60947"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT6535"
        },
        {
          "name": "HPSBST03154",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
        },
        {
          "name": "HPSBST03265",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
        },
        {
          "name": "HPSBGN03142",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
        },
        {
          "name": "61312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61312"
        },
        {
          "name": "60193",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60193"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
        },
        {
          "name": "60063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60063"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
        },
        {
          "name": "60034",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60034"
        },
        {
          "name": "HPSBMU03133",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
        },
        {
          "name": "59907",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59907"
        },
        {
          "name": "58200",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58200"
        },
        {
          "name": "HPSBST03181",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
        },
        {
          "name": "61643",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61643"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
        },
        {
          "name": "61503",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61503"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
        },
        {
          "name": "RHSA-2014:1354",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
        },
        {
          "name": "40938",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/40938/"
        },
        {
          "name": "HPSBGN03117",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
        },
        {
          "name": "61547",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61547"
        },
        {
          "name": "HPSBHF03145",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
        },
        {
          "name": "HPSBST03148",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
        },
        {
          "name": "61552",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61552"
        },
        {
          "name": "61780",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61780"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200223"
        },
        {
          "name": "DSA-3032",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-3032"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
        },
        {
          "name": "62228",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62228"
        },
        {
          "name": "HPSBGN03138",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
        },
        {
          "name": "61855",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61855"
        },
        {
          "name": "HPSBHF03124",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
        },
        {
          "name": "60044",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60044"
        },
        {
          "name": "61291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61291"
        },
        {
          "name": "RHSA-2014:1294",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
        },
        {
          "name": "HPSBHF03125",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
        },
        {
          "name": "59737",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59737"
        },
        {
          "name": "61287",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61287"
        },
        {
          "name": "HPSBHF03146",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
        },
        {
          "name": "HPSBGN03233",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
        },
        {
          "name": "SSRT101739",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "61711",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61711"
        },
        {
          "name": "HPSBOV03228",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
        },
        {
          "name": "HPSBGN03141",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://advisories.mageia.org/MGASA-2014-0388.html"
        },
        {
          "name": "61128",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61128"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200217"
        },
        {
          "name": "61471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61471"
        },
        {
          "name": "60055",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60055"
        },
        {
          "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
        },
        {
          "name": "61550",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61550"
        },
        {
          "name": "61633",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61633"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
        },
        {
          "name": "61328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
        },
        {
          "name": "42938",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/42938/"
        },
        {
          "name": "61129",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61129"
        },
        {
          "name": "61700",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61700"
        },
        {
          "name": "61603",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61603"
        },
        {
          "name": "61857",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61857"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2014-6271",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\"  NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "37816",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/37816/"
            },
            {
              "name": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
            },
            {
              "name": "SUSE-SU-2014:1223",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
            },
            {
              "name": "HPSBMU03165",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
            },
            {
              "name": "SSRT101816",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
            },
            {
              "name": "39918",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/39918/"
            },
            {
              "name": "HPSBHF03119",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
            },
            {
              "name": "RHSA-2014:1295",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
            },
            {
              "name": "openSUSE-SU-2014:1226",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
            },
            {
              "name": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/",
              "refsource": "CONFIRM",
              "url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
            },
            {
              "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts",
              "refsource": "CONFIRM",
              "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
            },
            {
              "name": "HPSBST03131",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
            },
            {
              "name": "SSRT101819",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
            },
            {
              "name": "HPSBMU03245",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
            },
            {
              "name": "HPSBST03196",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
            },
            {
              "name": "61188",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61188"
            },
            {
              "name": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
              "refsource": "CONFIRM",
              "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
            },
            {
              "name": "JVN#55667175",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
            },
            {
              "name": "61676",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61676"
            },
            {
              "name": "40619",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/40619/"
            },
            {
              "name": "openSUSE-SU-2014:1254",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
            },
            {
              "name": "60433",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60433"
            },
            {
              "name": "38849",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/38849/"
            },
            {
              "name": "HPSBMU03143",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
            },
            {
              "name": "HPSBMU03182",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
            },
            {
              "name": "SUSE-SU-2014:1260",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
            },
            {
              "name": "HPSBST03155",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
            },
            {
              "name": "61715",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61715"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
            },
            {
              "name": "61816",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61816"
            },
            {
              "name": "openSUSE-SU-2014:1310",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
            },
            {
              "name": "61442",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61442"
            },
            {
              "name": "HPSBMU03246",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
            },
            {
              "name": "HPSBST03195",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
            },
            {
              "name": "61283",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61283"
            },
            {
              "name": "SSRT101711",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
            },
            {
              "name": "USN-2362-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2362-1"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
            },
            {
              "name": "openSUSE-SU-2014:1308",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
            },
            {
              "name": "61654",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61654"
            },
            {
              "name": "61542",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61542"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015701",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
            },
            {
              "name": "62312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62312"
            },
            {
              "name": "59272",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59272"
            },
            {
              "name": "HPSBST03122",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
            },
            {
              "name": "HPSBMU03217",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
            },
            {
              "name": "SSRT101868",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "61703",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61703"
            },
            {
              "name": "http://support.apple.com/kb/HT6495",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6495"
            },
            {
              "name": "VU#252743",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/252743"
            },
            {
              "name": "61065",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61065"
            },
            {
              "name": "SUSE-SU-2014:1213",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
            },
            {
              "name": "HPSBST03129",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
            },
            {
              "name": "HPSBMU03144",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
            },
            {
              "name": "70103",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70103"
            },
            {
              "name": "JVNDB-2014-000126",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
            },
            {
              "name": "SSRT101827",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "TA14-268A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
            },
            {
              "name": "SUSE-SU-2014:1212",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
            },
            {
              "name": "61641",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61641"
            },
            {
              "name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
            },
            {
              "name": "https://access.redhat.com/node/1200223",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/node/1200223"
            },
            {
              "name": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
            },
            {
              "name": "SUSE-SU-2014:1287",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
            },
            {
              "name": "APPLE-SA-2014-10-16-1",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
            },
            {
              "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
            },
            {
              "name": "MDVSA-2015:164",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
            },
            {
              "name": "RHSA-2014:1293",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
            },
            {
              "name": "openSUSE-SU-2014:1238",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
            },
            {
              "name": "HPSBMU03220",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "60325",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60325"
            },
            {
              "name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
              "refsource": "CONFIRM",
              "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
            },
            {
              "name": "60024",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60024"
            },
            {
              "name": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
            },
            {
              "name": "34879",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/34879/"
            },
            {
              "name": "https://access.redhat.com/articles/1200223",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/articles/1200223"
            },
            {
              "name": "62343",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62343"
            },
            {
              "name": "61565",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61565"
            },
            {
              "name": "https://www.suse.com/support/shellshock/",
              "refsource": "CONFIRM",
              "url": "https://www.suse.com/support/shellshock/"
            },
            {
              "name": "HPSBST03157",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
            },
            {
              "name": "61313",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61313"
            },
            {
              "name": "SSRT101742",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "61873",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61873"
            },
            {
              "name": "61485",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61485"
            },
            {
              "name": "60947",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60947"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
            },
            {
              "name": "https://support.apple.com/kb/HT6535",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT6535"
            },
            {
              "name": "HPSBST03154",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
            },
            {
              "name": "HPSBST03265",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
            },
            {
              "name": "HPSBGN03142",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
            },
            {
              "name": "61312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61312"
            },
            {
              "name": "60193",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60193"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-1294.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
            },
            {
              "name": "60063",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60063"
            },
            {
              "name": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
            },
            {
              "name": "60034",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60034"
            },
            {
              "name": "HPSBMU03133",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
            },
            {
              "name": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html",
              "refsource": "MISC",
              "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
            },
            {
              "name": "59907",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59907"
            },
            {
              "name": "58200",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58200"
            },
            {
              "name": "HPSBST03181",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
            },
            {
              "name": "61643",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61643"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015721",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
            },
            {
              "name": "61503",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61503"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
            },
            {
              "name": "RHSA-2014:1354",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
            },
            {
              "name": "40938",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/40938/"
            },
            {
              "name": "HPSBGN03117",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
            },
            {
              "name": "http://support.novell.com/security/cve/CVE-2014-6271.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
            },
            {
              "name": "61547",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61547"
            },
            {
              "name": "HPSBHF03145",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
            },
            {
              "name": "http://www.qnap.com/i/en/support/con_show.php?cid=61",
              "refsource": "CONFIRM",
              "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
            },
            {
              "name": "HPSBST03148",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
            },
            {
              "name": "61552",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61552"
            },
            {
              "name": "61780",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61780"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
            },
            {
              "name": "https://support.citrix.com/article/CTX200223",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200223"
            },
            {
              "name": "DSA-3032",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-3032"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
            },
            {
              "name": "62228",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62228"
            },
            {
              "name": "HPSBGN03138",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
            },
            {
              "name": "61855",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61855"
            },
            {
              "name": "HPSBHF03124",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
            },
            {
              "name": "60044",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60044"
            },
            {
              "name": "61291",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61291"
            },
            {
              "name": "RHSA-2014:1294",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
            },
            {
              "name": "HPSBHF03125",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
            },
            {
              "name": "59737",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59737"
            },
            {
              "name": "61287",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61287"
            },
            {
              "name": "HPSBHF03146",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
            },
            {
              "name": "HPSBGN03233",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
            },
            {
              "name": "SSRT101739",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "61711",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61711"
            },
            {
              "name": "HPSBOV03228",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
            },
            {
              "name": "HPSBGN03141",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
            },
            {
              "name": "http://advisories.mageia.org/MGASA-2014-0388.html",
              "refsource": "CONFIRM",
              "url": "http://advisories.mageia.org/MGASA-2014-0388.html"
            },
            {
              "name": "61128",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61128"
            },
            {
              "name": "https://support.citrix.com/article/CTX200217",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200217"
            },
            {
              "name": "61471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61471"
            },
            {
              "name": "60055",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60055"
            },
            {
              "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
            },
            {
              "name": "61550",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61550"
            },
            {
              "name": "61633",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61633"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-1293.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
            },
            {
              "name": "https://kb.bluecoat.com/index?page=content\u0026id=SA82",
              "refsource": "CONFIRM",
              "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
            },
            {
              "name": "61328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61328"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
            },
            {
              "name": "42938",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/42938/"
            },
            {
              "name": "61129",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61129"
            },
            {
              "name": "61700",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61700"
            },
            {
              "name": "61603",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61603"
            },
            {
              "name": "61857",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61857"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
            },
            {
              "name": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
            },
            {
              "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006",
              "refsource": "MISC",
              "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2014-6271",
    "datePublished": "2014-09-24T18:00:00",
    "dateReserved": "2014-09-09T00:00:00",
    "dateUpdated": "2024-08-06T12:10:13.276Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-4638
Vulnerability from cvelistv5
Published
2015-09-18 14:00
Modified
2024-08-06 06:18
Severity ?
Summary
The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.3.0 through 11.5.2 and 11.6.0 through 11.6.0 HF4, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 through 11.3.0, and BIG-IP PSM 11.2.1 through 11.4.1 allows remote attackers to cause a denial of service (Traffic Management Microkernel restart) via a fragmented packet.
References
https://support.f5.com/kb/en-us/solutions/public/17000/100/sol17155.htmlx_refsource_CONFIRM
http://www.securitytracker.com/id/1033578vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:18:12.063Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/17000/100/sol17155.html"
          },
          {
            "name": "1033578",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033578"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.3.0 through 11.5.2 and 11.6.0 through 11.6.0 HF4, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 through 11.3.0, and BIG-IP PSM 11.2.1 through 11.4.1 allows remote attackers to cause a denial of service (Traffic Management Microkernel restart) via a fragmented packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-09-18T13:57:03",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/17000/100/sol17155.html"
        },
        {
          "name": "1033578",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1033578"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-4638",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.3.0 through 11.5.2 and 11.6.0 through 11.6.0 HF4, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 through 11.3.0, and BIG-IP PSM 11.2.1 through 11.4.1 allows remote attackers to cause a denial of service (Traffic Management Microkernel restart) via a fragmented packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/17000/100/sol17155.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/17000/100/sol17155.html"
            },
            {
              "name": "1033578",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1033578"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-4638",
    "datePublished": "2015-09-18T14:00:00",
    "dateReserved": "2015-06-16T00:00:00",
    "dateUpdated": "2024-08-06T06:18:12.063Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-3959
Vulnerability from cvelistv5
Published
2014-06-03 14:00
Modified
2024-08-06 10:57
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
References
http://secunia.com/advisories/58969third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id/1030319vdb-entry, x_refsource_SECTRACK
http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.htmlx_refsource_CONFIRM
http://www.securitytracker.com/id/1030320vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/67771vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:57:18.087Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "58969",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58969"
          },
          {
            "name": "1030319",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030319"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.html"
          },
          {
            "name": "1030320",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030320"
          },
          {
            "name": "67771",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/67771"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-05-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-06-06T13:57:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "58969",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58969"
        },
        {
          "name": "1030319",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030319"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.html"
        },
        {
          "name": "1030320",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030320"
        },
        {
          "name": "67771",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/67771"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-3959",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "58969",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58969"
            },
            {
              "name": "1030319",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030319"
            },
            {
              "name": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.html",
              "refsource": "CONFIRM",
              "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.html"
            },
            {
              "name": "1030320",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030320"
            },
            {
              "name": "67771",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/67771"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-3959",
    "datePublished": "2014-06-03T14:00:00",
    "dateReserved": "2014-06-03T00:00:00",
    "dateUpdated": "2024-08-06T10:57:18.087Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5736
Vulnerability from cvelistv5
Published
2016-08-19 21:00
Modified
2024-08-06 01:07
Severity ?
Summary
The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP DNS 12.x before 12.0.0 HF2; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 before HF16; BIG-IP GTM 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 11.4.0 through 11.4.1 improperly enables the anonymous IPsec IKE peer configuration object, which allows remote attackers to establish an IKE Phase 1 negotiation and possibly conduct brute-force attacks against Phase 2 negotiations via unspecified vectors.
References
http://www.securitytracker.com/id/1036618vdb-entry, x_refsource_SECTRACK
https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.htmlx_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:07:59.959Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1036618",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036618"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP DNS 12.x before 12.0.0 HF2; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 before HF16; BIG-IP GTM 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 11.4.0 through 11.4.1 improperly enables the anonymous IPsec IKE peer configuration object, which allows remote attackers to establish an IKE Phase 1 negotiation and possibly conduct brute-force attacks against Phase 2 negotiations via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-08-19T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1036618",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036618"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5736",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP DNS 12.x before 12.0.0 HF2; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 before HF16; BIG-IP GTM 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 11.4.0 through 11.4.1 improperly enables the anonymous IPsec IKE peer configuration object, which allows remote attackers to establish an IKE Phase 1 negotiation and possibly conduct brute-force attacks against Phase 2 negotiations via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1036618",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036618"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5736",
    "datePublished": "2016-08-19T21:00:00",
    "dateReserved": "2016-06-21T00:00:00",
    "dateUpdated": "2024-08-06T01:07:59.959Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-2928
Vulnerability from cvelistv5
Published
2014-05-12 14:00
Modified
2024-08-06 10:28
Severity ?
Summary
The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1, BIG-IP Analytics 11.0.0 through 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, Enterprise Manager 2.1.0 through 2.3.0 and 3.0.0 through 3.1.1, and BIG-IQ Cloud, Device, and Security 4.0.0 through 4.3.0 allows remote administrators to execute arbitrary commands via shell metacharacters in the hostname element in a SOAP request.
References
http://seclists.org/fulldisclosure/2014/May/32mailing-list, x_refsource_FULLDISC
http://www.exploit-db.com/exploits/34927exploit, x_refsource_EXPLOIT-DB
http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.htmlx_refsource_CONFIRM
http://www.osvdb.org/106728vdb-entry, x_refsource_OSVDB
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:28:46.191Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20140507 Moar F5 fun in iControl API",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/May/32"
          },
          {
            "name": "34927",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/34927"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html"
          },
          {
            "name": "106728",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/106728"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-05-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1, BIG-IP Analytics 11.0.0 through 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, Enterprise Manager 2.1.0 through 2.3.0 and 3.0.0 through 3.1.1, and BIG-IQ Cloud, Device, and Security 4.0.0 through 4.3.0 allows remote administrators to execute arbitrary commands via shell metacharacters in the hostname element in a SOAP request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-11-14T14:57:00",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "20140507 Moar F5 fun in iControl API",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/May/32"
        },
        {
          "name": "34927",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/34927"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html"
        },
        {
          "name": "106728",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/106728"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2014-2928",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1, BIG-IP Analytics 11.0.0 through 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, Enterprise Manager 2.1.0 through 2.3.0 and 3.0.0 through 3.1.1, and BIG-IQ Cloud, Device, and Security 4.0.0 through 4.3.0 allows remote administrators to execute arbitrary commands via shell metacharacters in the hostname element in a SOAP request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20140507 Moar F5 fun in iControl API",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/May/32"
            },
            {
              "name": "34927",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/34927"
            },
            {
              "name": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html",
              "refsource": "CONFIRM",
              "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html"
            },
            {
              "name": "106728",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/106728"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2014-2928",
    "datePublished": "2014-05-12T14:00:00",
    "dateReserved": "2014-04-21T00:00:00",
    "dateUpdated": "2024-08-06T10:28:46.191Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-0196
Vulnerability from cvelistv5
Published
2014-05-07 10:00
Modified
2024-08-06 09:05
Severity ?
Summary
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.
References
http://www.ubuntu.com/usn/USN-2203-1vendor-advisory, x_refsource_UBUNTU
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.htmlx_refsource_CONFIRM
http://www.osvdb.org/106646vdb-entry, x_refsource_OSVDB
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.htmlvendor-advisory, x_refsource_SUSE
http://www.openwall.com/lists/oss-security/2014/05/05/6mailing-list, x_refsource_MLIST
http://secunia.com/advisories/59262third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-2204-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/59218third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-2202-1vendor-advisory, x_refsource_UBUNTU
http://www.exploit-db.com/exploits/33516exploit, x_refsource_EXPLOIT-DB
http://www.debian.org/security/2014/dsa-2928vendor-advisory, x_refsource_DEBIAN
http://www.ubuntu.com/usn/USN-2199-1vendor-advisory, x_refsource_UBUNTU
http://linux.oracle.com/errata/ELSA-2014-0771.htmlx_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1094232x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-2197-1vendor-advisory, x_refsource_UBUNTU
http://source.android.com/security/bulletin/2016-07-01.htmlx_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2014-0512.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/59599third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2014/dsa-2926vendor-advisory, x_refsource_DEBIAN
https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.htmlvendor-advisory, x_refsource_SUSE
http://pastebin.com/raw.php?i=yTSFUBgZx_refsource_MISC
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00x_refsource_CONFIRM
http://bugzilla.novell.com/show_bug.cgi?id=875690x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-2198-1vendor-advisory, x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2200-1vendor-advisory, x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2201-1vendor-advisory, x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2196-1vendor-advisory, x_refsource_UBUNTU
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:05:39.223Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2203-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2203-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
          },
          {
            "name": "106646",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/106646"
          },
          {
            "name": "SUSE-SU-2014:0683",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
          },
          {
            "name": "[oss-security] 20140429 CVE-2014-0196: Linux kernel pty layer race condition memory corruption",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
          },
          {
            "name": "59262",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59262"
          },
          {
            "name": "USN-2204-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2204-1"
          },
          {
            "name": "59218",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59218"
          },
          {
            "name": "USN-2202-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2202-1"
          },
          {
            "name": "33516",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/33516"
          },
          {
            "name": "DSA-2928",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2928"
          },
          {
            "name": "USN-2199-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2199-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
          },
          {
            "name": "USN-2197-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2197-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://source.android.com/security/bulletin/2016-07-01.html"
          },
          {
            "name": "RHSA-2014:0512",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
          },
          {
            "name": "59599",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59599"
          },
          {
            "name": "DSA-2926",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2926"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
          },
          {
            "name": "SUSE-SU-2014:0667",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://pastebin.com/raw.php?i=yTSFUBgZ"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
          },
          {
            "name": "USN-2198-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2198-1"
          },
          {
            "name": "USN-2200-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2200-1"
          },
          {
            "name": "USN-2201-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2201-1"
          },
          {
            "name": "USN-2196-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2196-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-04-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the \"LECHO \u0026 !OPOST\" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-05T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-2203-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2203-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
        },
        {
          "name": "106646",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/106646"
        },
        {
          "name": "SUSE-SU-2014:0683",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
        },
        {
          "name": "[oss-security] 20140429 CVE-2014-0196: Linux kernel pty layer race condition memory corruption",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
        },
        {
          "name": "59262",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59262"
        },
        {
          "name": "USN-2204-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2204-1"
        },
        {
          "name": "59218",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59218"
        },
        {
          "name": "USN-2202-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2202-1"
        },
        {
          "name": "33516",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/33516"
        },
        {
          "name": "DSA-2928",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2928"
        },
        {
          "name": "USN-2199-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2199-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
        },
        {
          "name": "USN-2197-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2197-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://source.android.com/security/bulletin/2016-07-01.html"
        },
        {
          "name": "RHSA-2014:0512",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
        },
        {
          "name": "59599",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59599"
        },
        {
          "name": "DSA-2926",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2926"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
        },
        {
          "name": "SUSE-SU-2014:0667",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://pastebin.com/raw.php?i=yTSFUBgZ"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
        },
        {
          "name": "USN-2198-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2198-1"
        },
        {
          "name": "USN-2200-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2200-1"
        },
        {
          "name": "USN-2201-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2201-1"
        },
        {
          "name": "USN-2196-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2196-1"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-0196",
    "datePublished": "2014-05-07T10:00:00",
    "dateReserved": "2013-12-03T00:00:00",
    "dateUpdated": "2024-08-06T09:05:39.223Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-1497
Vulnerability from cvelistv5
Published
2016-08-26 14:00
Modified
2024-08-05 22:55
Severity ?
Summary
The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors.
References
https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/92671vdb-entry, x_refsource_BID
http://www.securitytracker.com/id/1036631vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:55:14.889Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html"
          },
          {
            "name": "92671",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/92671"
          },
          {
            "name": "1036631",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036631"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html"
        },
        {
          "name": "92671",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/92671"
        },
        {
          "name": "1036631",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036631"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-1497",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html"
            },
            {
              "name": "92671",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/92671"
            },
            {
              "name": "1036631",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036631"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-1497",
    "datePublished": "2016-08-26T14:00:00",
    "dateReserved": "2016-01-06T00:00:00",
    "dateUpdated": "2024-08-05T22:55:14.889Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-7394
Vulnerability from cvelistv5
Published
2015-11-06 18:00
Modified
2024-08-06 07:51
Severity ?
Summary
The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1.0 through 11.4.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ ADC 4.5.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to cause a denial of service or gain privileges by leveraging permission to upload and execute code.
References
http://www.securitytracker.com/id/1034025vdb-entry, x_refsource_SECTRACK
https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.htmlx_refsource_CONFIRM
http://www.securitytracker.com/id/1034026vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:51:27.365Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1034025",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034025"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.html"
          },
          {
            "name": "1034026",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034026"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1.0 through 11.4.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ ADC 4.5.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to cause a denial of service or gain privileges by leveraging permission to upload and execute code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-11-06T17:57:03",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1034025",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034025"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.html"
        },
        {
          "name": "1034026",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034026"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-7394",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1.0 through 11.4.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ ADC 4.5.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to cause a denial of service or gain privileges by leveraging permission to upload and execute code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1034025",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034025"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.html"
            },
            {
              "name": "1034026",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034026"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-7394",
    "datePublished": "2015-11-06T18:00:00",
    "dateReserved": "2015-09-29T00:00:00",
    "dateUpdated": "2024-08-06T07:51:27.365Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5022
Vulnerability from cvelistv5
Published
2016-09-07 19:00
Modified
2024-08-06 00:46
Severity ?
Summary
F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic.
References
http://www.securitytracker.com/id/1036710vdb-entry, x_refsource_SECTRACK
https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.htmlx_refsource_CONFIRM
http://www.securitytracker.com/id/1036709vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:46:40.240Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1036710",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036710"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html"
          },
          {
            "name": "1036709",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036709"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-09-07T18:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1036710",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036710"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html"
        },
        {
          "name": "1036709",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036709"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5022",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1036710",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036710"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html"
            },
            {
              "name": "1036709",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036709"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5022",
    "datePublished": "2016-09-07T19:00:00",
    "dateReserved": "2016-05-24T00:00:00",
    "dateUpdated": "2024-08-06T00:46:40.240Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-6546
Vulnerability from cvelistv5
Published
2015-11-06 18:00
Modified
2024-08-06 07:22
Severity ?
Summary
The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, and LTM 11.0.0 before 11.6.0, BIG-IP AAM 11.4.0 before 11.6.0, BIG-IP AFM and PEM 11.3.0 before 11.6.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0, BIG-IP PSM 11.0.0 through 11.4.1 allows remote attackers to cause a denial of service via "malicious traffic."
References
http://www.securitytracker.com/id/1033952vdb-entry, x_refsource_SECTRACK
https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.htmlx_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:22:22.257Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1033952",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033952"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-10-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, and LTM 11.0.0 before 11.6.0, BIG-IP AAM 11.4.0 before 11.6.0, BIG-IP AFM and PEM 11.3.0 before 11.6.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0, BIG-IP PSM 11.0.0 through 11.4.1 allows remote attackers to cause a denial of service via \"malicious traffic.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-11-06T17:57:03",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1033952",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1033952"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-6546",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, and LTM 11.0.0 before 11.6.0, BIG-IP AAM 11.4.0 before 11.6.0, BIG-IP AFM and PEM 11.3.0 before 11.6.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0, BIG-IP PSM 11.0.0 through 11.4.1 allows remote attackers to cause a denial of service via \"malicious traffic.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1033952",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1033952"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-6546",
    "datePublished": "2015-11-06T18:00:00",
    "dateReserved": "2015-08-20T00:00:00",
    "dateUpdated": "2024-08-06T07:22:22.257Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5020
Vulnerability from cvelistv5
Published
2016-06-30 17:00
Modified
2024-08-06 00:46
Severity ?
Summary
F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script.
References
http://www.securitytracker.com/id/1036131vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/91532vdb-entry, x_refsource_BID
https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.htmlx_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:46:40.216Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1036131",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036131"
          },
          {
            "name": "91532",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91532"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1036131",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036131"
        },
        {
          "name": "91532",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91532"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5020",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1036131",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036131"
            },
            {
              "name": "91532",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91532"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5020",
    "datePublished": "2016-06-30T17:00:00",
    "dateReserved": "2016-05-24T00:00:00",
    "dateUpdated": "2024-08-06T00:46:40.216Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-3000
Vulnerability from cvelistv5
Published
2014-01-30 15:00
Modified
2024-08-06 19:50
Severity ?
Summary
Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x before 11.2.0-HF3 and 11.2.x before 11.2.1-HF3 allow remote authenticated users to execute arbitrary SQL commands via the defaultQuery parameter.
References
http://secunia.com/advisories/51867third-party-advisory, x_refsource_SECUNIA
http://osvdb.org/89446vdb-entry, x_refsource_OSVDB
http://www.securityfocus.com/bid/57500vdb-entry, x_refsource_BID
http://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.htmlx_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/81457vdb-entry, x_refsource_XF
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txtx_refsource_MISC
http://archives.neohapsis.com/archives/bugtraq/2013-01/0094.htmlmailing-list, x_refsource_BUGTRAQ
http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.htmlx_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:50:05.449Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "51867",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51867"
          },
          {
            "name": "89446",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/89446"
          },
          {
            "name": "57500",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/57500"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.html"
          },
          {
            "name": "f5bigip-sql-injection(81457)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81457"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txt"
          },
          {
            "name": "20130122 SEC Consult SA-20130122-1 :: F5 BIG-IP SQL injection vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0094.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-01-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x before 11.2.0-HF3 and 11.2.x before 11.2.1-HF3 allow remote authenticated users to execute arbitrary SQL commands via the defaultQuery parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "51867",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51867"
        },
        {
          "name": "89446",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/89446"
        },
        {
          "name": "57500",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/57500"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.html"
        },
        {
          "name": "f5bigip-sql-injection(81457)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81457"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txt"
        },
        {
          "name": "20130122 SEC Consult SA-20130122-1 :: F5 BIG-IP SQL injection vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0094.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2012-3000",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x before 11.2.0-HF3 and 11.2.x before 11.2.1-HF3 allow remote authenticated users to execute arbitrary SQL commands via the defaultQuery parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "51867",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51867"
            },
            {
              "name": "89446",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/89446"
            },
            {
              "name": "57500",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/57500"
            },
            {
              "name": "http://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.html"
            },
            {
              "name": "f5bigip-sql-injection(81457)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81457"
            },
            {
              "name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txt",
              "refsource": "MISC",
              "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txt"
            },
            {
              "name": "20130122 SEC Consult SA-20130122-1 :: F5 BIG-IP SQL injection vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0094.html"
            },
            {
              "name": "http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.html",
              "refsource": "CONFIRM",
              "url": "http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2012-3000",
    "datePublished": "2014-01-30T15:00:00",
    "dateReserved": "2012-05-30T00:00:00",
    "dateUpdated": "2024-08-06T19:50:05.449Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8240
Vulnerability from cvelistv5
Published
2016-04-11 14:00
Modified
2024-08-06 08:13
Severity ?
Summary
The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and BIG-IP PEM before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.0 HF6 and BIG-IP PSM before 11.4.1 HF10 does not properly handle TCP options, which allows remote attackers to cause a denial of service via unspecified vectors, related to the tm.minpathmtu database variable.
References
https://support.f5.com/kb/en-us/solutions/public/k/06/sol06223540.htmlx_refsource_CONFIRM
http://www.securitytracker.com/id/1035367vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:13:31.807Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06223540.html"
          },
          {
            "name": "1035367",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035367"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and BIG-IP PEM before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.0 HF6 and BIG-IP PSM before 11.4.1 HF10 does not properly handle TCP options, which allows remote attackers to cause a denial of service via unspecified vectors, related to the tm.minpathmtu database variable."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-04-11T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06223540.html"
        },
        {
          "name": "1035367",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035367"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8240",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and BIG-IP PEM before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.0 HF6 and BIG-IP PSM before 11.4.1 HF10 does not properly handle TCP options, which allows remote attackers to cause a denial of service via unspecified vectors, related to the tm.minpathmtu database variable."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06223540.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06223540.html"
            },
            {
              "name": "1035367",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035367"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8240",
    "datePublished": "2016-04-11T14:00:00",
    "dateReserved": "2015-11-18T00:00:00",
    "dateUpdated": "2024-08-06T08:13:31.807Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-15321
Vulnerability from cvelistv5
Published
2018-10-31 14:00
Modified
2024-08-05 09:54
Severity ?
Summary
When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.1.0-2.3.0, or Enterprise Manager 3.1.1 is licensed for Appliance Mode, Admin and Resource administrator roles can by-pass BIG-IP Appliance Mode restrictions to overwrite critical system files. Attackers of high privilege level are able to overwrite critical system files which bypasses security controls in place to limit TMSH commands. This is possible with an administrator or resource administrator roles when granted TMSH. Resource administrator roles must have TMSH access in order to perform this attack.
References
https://support.f5.com/csp/article/K01067037x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:01.880Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K01067037"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator), BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration, iWorkflow, Enterprise Manager",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, 11.2.1-11.5.6"
            }
          ]
        }
      ],
      "datePublic": "2018-10-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.1.0-2.3.0, or Enterprise Manager 3.1.1 is licensed for Appliance Mode, Admin and Resource administrator roles can by-pass BIG-IP Appliance Mode restrictions to overwrite critical system files. Attackers of high privilege level are able to overwrite critical system files which bypasses security controls in place to limit TMSH commands. This is possible with an administrator or resource administrator roles when granted TMSH. Resource administrator roles must have TMSH access in order to perform this attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Privilege escalation",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-31T13:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K01067037"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2018-15321",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator), BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration, iWorkflow, Enterprise Manager",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, 11.2.1-11.5.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.1.0-2.3.0, or Enterprise Manager 3.1.1 is licensed for Appliance Mode, Admin and Resource administrator roles can by-pass BIG-IP Appliance Mode restrictions to overwrite critical system files. Attackers of high privilege level are able to overwrite critical system files which bypasses security controls in place to limit TMSH commands. This is possible with an administrator or resource administrator roles when granted TMSH. Resource administrator roles must have TMSH access in order to perform this attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Privilege escalation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K01067037",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K01067037"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2018-15321",
    "datePublished": "2018-10-31T14:00:00",
    "dateReserved": "2018-08-14T00:00:00",
    "dateUpdated": "2024-08-05T09:54:01.880Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-5516
Vulnerability from cvelistv5
Published
2016-01-20 16:00
Modified
2024-08-06 06:50
Severity ?
Summary
Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x before 11.5.3 HF2 and 11.6.0 before HF6, BIG-IP AFM and PEM 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Analytics 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP APM and ASM 10.1.0 through 10.2.4, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, and 11.3.0, BIG-IP PSM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, and 11.4.x before 11.4.1 HF, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 might allow remote attackers to cause a denial of service (memory consumption) via a large number of crafted UDP packets.
References
http://www.securitytracker.com/id/1034687vdb-entry, x_refsource_SECTRACK
http://www.securitytracker.com/id/1034686vdb-entry, x_refsource_SECTRACK
https://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.htmlx_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:50:02.860Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1034687",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034687"
          },
          {
            "name": "1034686",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034686"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x before 11.5.3 HF2 and 11.6.0 before HF6, BIG-IP AFM and PEM 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Analytics 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP APM and ASM 10.1.0 through 10.2.4, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, and 11.3.0, BIG-IP PSM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, and 11.4.x before 11.4.1 HF, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 might allow remote attackers to cause a denial of service (memory consumption) via a large number of crafted UDP packets."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-01-20T15:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1034687",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034687"
        },
        {
          "name": "1034686",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034686"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-5516",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x before 11.5.3 HF2 and 11.6.0 before HF6, BIG-IP AFM and PEM 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Analytics 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP APM and ASM 10.1.0 through 10.2.4, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, and 11.3.0, BIG-IP PSM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, and 11.4.x before 11.4.1 HF, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 might allow remote attackers to cause a denial of service (memory consumption) via a large number of crafted UDP packets."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1034687",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034687"
            },
            {
              "name": "1034686",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034686"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-5516",
    "datePublished": "2016-01-20T16:00:00",
    "dateReserved": "2015-07-13T00:00:00",
    "dateUpdated": "2024-08-06T06:50:02.860Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-15318
Vulnerability from cvelistv5
Published
2018-10-31 14:00
Modified
2024-08-05 09:46
Severity ?
Summary
In BIG-IP 14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1, or 12.1.3.4-12.1.3.6, If an MPTCP connection receives an abort signal while the initial flow is not the primary flow, the initial flow will remain after the closing procedure is complete. TMM may restart and produce a core file as a result of this condition.
References
https://support.f5.com/csp/article/K16248201x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:46:25.458Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K16248201"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1, 12.1.3.4-12.1.3.6"
            }
          ]
        }
      ],
      "datePublic": "2018-10-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In BIG-IP 14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1, or 12.1.3.4-12.1.3.6, If an MPTCP connection receives an abort signal while the initial flow is not the primary flow, the initial flow will remain after the closing procedure is complete. TMM may restart and produce a core file as a result of this condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "DoS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-12-14T14:57:02",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K16248201"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2018-15318",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1, 12.1.3.4-12.1.3.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In BIG-IP 14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1, or 12.1.3.4-12.1.3.6, If an MPTCP connection receives an abort signal while the initial flow is not the primary flow, the initial flow will remain after the closing procedure is complete. TMM may restart and produce a core file as a result of this condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "DoS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K16248201",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K16248201"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2018-15318",
    "datePublished": "2018-10-31T14:00:00",
    "dateReserved": "2018-08-14T00:00:00",
    "dateUpdated": "2024-08-05T09:46:25.458Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7468
Vulnerability from cvelistv5
Published
2017-03-23 14:00
Modified
2024-08-06 01:57
Severity ?
Summary
An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system's tm.tcpprogressive db variable value is set to non-default setting "enabled". The default value for the tm.tcpprogressive db variable is "negotiate". An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group.
References
http://www.securityfocus.com/bid/97119vdb-entry, x_refsource_BID
http://www.securitytracker.com/id/1038121vdb-entry, x_refsource_SECTRACK
https://support.f5.com/csp/article/K13053402x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.659Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "97119",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/97119"
          },
          {
            "name": "1038121",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038121"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K13053402"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, PEM, PSM,",
          "vendor": "F5 Networks",
          "versions": [
            {
              "status": "affected",
              "version": "11.4.1 - 11.5.4"
            }
          ]
        }
      ],
      "datePublic": "2017-03-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system\u0027s tm.tcpprogressive db variable value is set to non-default setting \"enabled\". The default value for the tm.tcpprogressive db variable is \"negotiate\". An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "denial of service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-11T09:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "name": "97119",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/97119"
        },
        {
          "name": "1038121",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038121"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K13053402"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2016-7468",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, PEM, PSM,",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "11.4.1 - 11.5.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system\u0027s tm.tcpprogressive db variable value is set to non-default setting \"enabled\". The default value for the tm.tcpprogressive db variable is \"negotiate\". An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "denial of service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "97119",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/97119"
            },
            {
              "name": "1038121",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038121"
            },
            {
              "name": "https://support.f5.com/csp/article/K13053402",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K13053402"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2016-7468",
    "datePublished": "2017-03-23T14:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T01:57:47.659Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7474
Vulnerability from cvelistv5
Published
2017-03-27 15:00
Modified
2024-08-06 01:57
Severity ?
Summary
In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information.
References
https://support.f5.com/csp/article/K52180214x_refsource_CONFIRM
http://www.securityfocus.com/bid/97198vdb-entry, x_refsource_BID
http://www.securitytracker.com/id/1038133vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.652Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K52180214"
          },
          {
            "name": "97198",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/97198"
          },
          {
            "name": "1038133",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038133"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM",
          "vendor": "F5 Networks",
          "versions": [
            {
              "status": "affected",
              "version": "10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.2.1, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1"
            }
          ]
        }
      ],
      "datePublic": "2017-03-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "MCPD data on disk may expose sensitive parameters",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-11T09:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K52180214"
        },
        {
          "name": "97198",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/97198"
        },
        {
          "name": "1038133",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038133"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2016-7474",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.2.1, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "MCPD data on disk may expose sensitive parameters"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K52180214",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K52180214"
            },
            {
              "name": "97198",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/97198"
            },
            {
              "name": "1038133",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038133"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2016-7474",
    "datePublished": "2017-03-27T15:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T01:57:47.652Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-3188
Vulnerability from cvelistv5
Published
2012-05-24 23:00
Modified
2024-08-06 23:22
Severity ?
Summary
The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.
References
https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535fx_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2011/08/23/2mailing-list, x_refsource_MLIST
https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ecx_refsource_CONFIRM
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ecx_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=732658x_refsource_CONFIRM
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=139447903326211&w=2vendor-advisory, x_refsource_HP
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535fx_refsource_CONFIRM
https://support.f5.com/csp/article/K15301?utm_source=f5support&amp%3Butm_medium=RSSx_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:22:27.694Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f"
          },
          {
            "name": "[oss-security] 20110823 Re: CVE request: kernel: change in how tcp seq numbers are generated",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/08/23/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732658"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
          },
          {
            "name": "HPSBGN02970",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K15301?utm_source=f5support\u0026amp%3Butm_medium=RSS"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-08-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-18T23:06:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f"
        },
        {
          "name": "[oss-security] 20110823 Re: CVE request: kernel: change in how tcp seq numbers are generated",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/08/23/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732658"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
        },
        {
          "name": "HPSBGN02970",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K15301?utm_source=f5support\u0026amp%3Butm_medium=RSS"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-3188",
    "datePublished": "2012-05-24T23:00:00",
    "dateReserved": "2011-08-19T00:00:00",
    "dateUpdated": "2024-08-06T23:22:27.694Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-15320
Vulnerability from cvelistv5
Published
2018-10-31 14:00
Modified
2024-08-05 09:46
Severity ?
Summary
On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, undisclosed traffic patterns may lead to denial of service conditions for the BIG-IP system. The configuration which exposes this condition is the BIG-IP self IP address which is part of a VLAN group and has the Port Lockdown setting configured with anything other than "allow-all".
References
https://support.f5.com/csp/article/K72442354x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:46:25.460Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K72442354"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "14.0.0-14.0.0.2, 13.0.0-13.1.1.1"
            }
          ]
        }
      ],
      "datePublic": "2018-10-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, undisclosed traffic patterns may lead to denial of service conditions for the BIG-IP system. The configuration which exposes this condition is the BIG-IP self IP address which is part of a VLAN group and has the Port Lockdown setting configured with anything other than \"allow-all\"."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "DoS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-31T13:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K72442354"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2018-15320",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "14.0.0-14.0.0.2, 13.0.0-13.1.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, undisclosed traffic patterns may lead to denial of service conditions for the BIG-IP system. The configuration which exposes this condition is the BIG-IP self IP address which is part of a VLAN group and has the Port Lockdown setting configured with anything other than \"allow-all\"."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "DoS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K72442354",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K72442354"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2018-15320",
    "datePublished": "2018-10-31T14:00:00",
    "dateReserved": "2018-08-14T00:00:00",
    "dateUpdated": "2024-08-05T09:46:25.460Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-4420
Vulnerability from cvelistv5
Published
2009-12-24 17:00
Modified
2024-08-07 07:01
Severity ?
Summary
Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information.
References
http://www.securitytracker.com/id?1023386vdb-entry, x_refsource_SECTRACK
https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.htmlx_refsource_CONFIRM
http://osvdb.org/61297vdb-entry, x_refsource_OSVDB
https://exchange.xforce.ibmcloud.com/vulnerabilities/55005vdb-entry, x_refsource_XF
http://www.vupen.com/english/advisories/2009/3627vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/37805third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/37452vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:01:20.167Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1023386",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1023386"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
          },
          {
            "name": "61297",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/61297"
          },
          {
            "name": "bigip-asm-psm-bd-dos(55005)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
          },
          {
            "name": "ADV-2009-3627",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3627"
          },
          {
            "name": "37805",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37805"
          },
          {
            "name": "37452",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/37452"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-12-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors.  NOTE: some of these details are obtained from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1023386",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1023386"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
        },
        {
          "name": "61297",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/61297"
        },
        {
          "name": "bigip-asm-psm-bd-dos(55005)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
        },
        {
          "name": "ADV-2009-3627",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3627"
        },
        {
          "name": "37805",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37805"
        },
        {
          "name": "37452",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/37452"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4420",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors.  NOTE: some of these details are obtained from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1023386",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1023386"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
            },
            {
              "name": "61297",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/61297"
            },
            {
              "name": "bigip-asm-psm-bd-dos(55005)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
            },
            {
              "name": "ADV-2009-3627",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/3627"
            },
            {
              "name": "37805",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37805"
            },
            {
              "name": "37452",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/37452"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-4420",
    "datePublished": "2009-12-24T17:00:00",
    "dateReserved": "2009-12-24T00:00:00",
    "dateUpdated": "2024-08-07T07:01:20.167Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-6031
Vulnerability from cvelistv5
Published
2017-06-08 16:00
Modified
2024-08-06 12:03
Severity ?
Summary
Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before 10.2.4 HF12, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x before 11.4.1 HF9, 11.5.x before 11.5.2 HF1, and 11.6.0 before HF4, and Enterprise Manager 2.1.0 through 2.3.0 and 3.x before 3.1.1 HF5 allows remote authenticated administrators to cause a denial of service via unspecified vectors.
References
https://support.f5.com/csp/article/K16196x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:03:02.298Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K16196"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-03-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before 10.2.4 HF12, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x before 11.4.1 HF9, 11.5.x before 11.5.2 HF1, and 11.6.0 before HF4, and Enterprise Manager 2.1.0 through 2.3.0 and 3.x before 3.1.1 HF5 allows remote authenticated administrators to cause a denial of service via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-08T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K16196"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-6031",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before 10.2.4 HF12, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x before 11.4.1 HF9, 11.5.x before 11.5.2 HF1, and 11.6.0 before HF4, and Enterprise Manager 2.1.0 through 2.3.0 and 3.x before 3.1.1 HF5 allows remote authenticated administrators to cause a denial of service via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K16196",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K16196"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-6031",
    "datePublished": "2017-06-08T16:00:00",
    "dateReserved": "2014-09-01T00:00:00",
    "dateUpdated": "2024-08-06T12:03:02.298Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7469
Vulnerability from cvelistv5
Published
2017-06-09 15:00
Modified
2024-08-06 01:57
Severity ?
Summary
A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable.
References
https://support.f5.com/csp/article/K97285349x_refsource_CONFIRM
http://www.securitytracker.com/id/1037559vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/95320vdb-entry, x_refsource_BID
http://www.securitytracker.com/id/1037560vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.636Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K97285349"
          },
          {
            "name": "1037559",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037559"
          },
          {
            "name": "95320",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95320"
          },
          {
            "name": "1037560",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037560"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM,WebAccelerator,WOM,WebSafe",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "12.0.0 - 12.1.2"
            },
            {
              "status": "affected",
              "version": "11.4.0 - 11.6.1"
            },
            {
              "status": "affected",
              "version": "11.2.1"
            }
          ]
        }
      ],
      "datePublic": "2017-06-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "cross-site scripting (XSS)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-26T09:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K97285349"
        },
        {
          "name": "1037559",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037559"
        },
        {
          "name": "95320",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95320"
        },
        {
          "name": "1037560",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037560"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2016-7469",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM,WebAccelerator,WOM,WebSafe",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "12.0.0 - 12.1.2"
                          },
                          {
                            "version_value": "11.4.0 - 11.6.1"
                          },
                          {
                            "version_value": "11.2.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "cross-site scripting (XSS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K97285349",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K97285349"
            },
            {
              "name": "1037559",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037559"
            },
            {
              "name": "95320",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95320"
            },
            {
              "name": "1037560",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037560"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2016-7469",
    "datePublished": "2017-06-09T15:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T01:57:47.636Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-4024
Vulnerability from cvelistv5
Published
2018-03-19 21:00
Modified
2024-08-06 11:04
Severity ?
Summary
SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer (SSL) accelerator cards, might allow remote attackers to have unspecified impact via a timing side-channel attack.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/95834vdb-entry, x_refsource_XF
https://support.f5.com/csp/article/K15500x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:04:28.082Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "f5-cve20144024-info-disc(95834)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95834"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K15500"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer (SSL) accelerator cards, might allow remote attackers to have unspecified impact via a timing side-channel attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-19T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "f5-cve20144024-info-disc(95834)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95834"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K15500"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-4024",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer (SSL) accelerator cards, might allow remote attackers to have unspecified impact via a timing side-channel attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "f5-cve20144024-info-disc(95834)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95834"
            },
            {
              "name": "https://support.f5.com/csp/article/K15500",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K15500"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-4024",
    "datePublished": "2018-03-19T21:00:00",
    "dateReserved": "2014-06-11T00:00:00",
    "dateUpdated": "2024-08-06T11:04:28.082Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7476
Vulnerability from cvelistv5
Published
2017-05-11 16:00
Modified
2024-08-06 01:57
Severity ?
Summary
The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, APM, ASM, GTM, Link Controller, PEM, PSM, and WebSafe 11.6.0 before 11.6.0 HF6, 11.5.0 before 11.5.3 HF2, and 11.3.0 before 11.4.1 HF10 may suffer from a memory leak while handling certain types of TCP traffic. Remote attackers may cause a denial of service (DoS) by way of a crafted TCP packet.
References
http://www.securitytracker.com/id/1037274vdb-entry, x_refsource_SECTRACK
https://support.f5.com/csp/#/article/K87416818x_refsource_CONFIRM
http://www.securityfocus.com/bid/94353vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.651Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1037274",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037274"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/#/article/K87416818"
          },
          {
            "name": "94353",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94353"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP LTM, AAM, AFM, APM, ASM, GTM, Link Controller, PEM, PSM, WebSafe",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "11.6.0 before 11.6.0 HF6, 11.5.0 before 11.5.3 HF2, 11.3.0 before 11.4.1 HF10"
            }
          ]
        }
      ],
      "datePublic": "2016-11-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, APM, ASM, GTM, Link Controller, PEM, PSM, and WebSafe 11.6.0 before 11.6.0 HF6, 11.5.0 before 11.5.3 HF2, and 11.3.0 before 11.4.1 HF10 may suffer from a memory leak while handling certain types of TCP traffic. Remote attackers may cause a denial of service (DoS) by way of a crafted TCP packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Traffic Management Microkernel (TMM) memory leak",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-27T09:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "name": "1037274",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037274"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/#/article/K87416818"
        },
        {
          "name": "94353",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94353"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2016-7476",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP LTM, AAM, AFM, APM, ASM, GTM, Link Controller, PEM, PSM, WebSafe",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "11.6.0 before 11.6.0 HF6, 11.5.0 before 11.5.3 HF2, 11.3.0 before 11.4.1 HF10"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, APM, ASM, GTM, Link Controller, PEM, PSM, and WebSafe 11.6.0 before 11.6.0 HF6, 11.5.0 before 11.5.3 HF2, and 11.3.0 before 11.4.1 HF10 may suffer from a memory leak while handling certain types of TCP traffic. Remote attackers may cause a denial of service (DoS) by way of a crafted TCP packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Traffic Management Microkernel (TMM) memory leak"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1037274",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037274"
            },
            {
              "name": "https://support.f5.com/csp/#/article/K87416818",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/#/article/K87416818"
            },
            {
              "name": "94353",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/94353"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2016-7476",
    "datePublished": "2017-05-11T16:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T01:57:47.651Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-2927
Vulnerability from cvelistv5
Published
2014-10-15 14:00
Modified
2024-08-06 10:28
Severity ?
Summary
The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address.
References
https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.htmlx_refsource_CONFIRM
http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdfx_refsource_MISC
http://www.exploit-db.com/exploits/34465exploit, x_refsource_EXPLOIT-DB
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:28:46.416Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdf"
          },
          {
            "name": "34465",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/34465"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-08-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-10-15T11:57:00",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdf"
        },
        {
          "name": "34465",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/34465"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2014-2927",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html"
            },
            {
              "name": "http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdf",
              "refsource": "MISC",
              "url": "http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdf"
            },
            {
              "name": "34465",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/34465"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2014-2927",
    "datePublished": "2014-10-15T14:00:00",
    "dateReserved": "2014-04-21T00:00:00",
    "dateUpdated": "2024-08-06T10:28:46.416Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-6163
Vulnerability from cvelistv5
Published
2017-10-27 14:00
Modified
2024-09-16 20:37
Severity ?
Summary
In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams beyond the advertised limit can cause a disruption of service. Remote client initiating stream beyond the advertised limit can cause a disruption of service. The Traffic Management Microkernel (TMM) data plane is exposed to this issue; the control plane is not exposed.
References
http://www.securitytracker.com/id/1039671vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/101606vdb-entry, x_refsource_BID
https://support.f5.com/csp/article/K22541983x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:18:49.907Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039671",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039671"
          },
          {
            "name": "101606",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101606"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K22541983"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "12.0.0 - 12.1.2"
            },
            {
              "status": "affected",
              "version": "11.6.0 \u0026#xe2"
            },
            {
              "status": "affected",
              "version": "\u0026#x80"
            },
            {
              "status": "affected",
              "version": "\" 11.6.1"
            },
            {
              "status": "affected",
              "version": "11.4.0 \u0026#xe2"
            },
            {
              "status": "affected",
              "version": "\" 11.5.4"
            }
          ]
        }
      ],
      "datePublic": "2017-10-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams beyond the advertised limit can cause a disruption of service. Remote client initiating stream beyond the advertised limit can cause a disruption of service. The Traffic Management Microkernel (TMM) data plane is exposed to this issue; the control plane is not exposed."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "denial of service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-01T09:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "name": "1039671",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039671"
        },
        {
          "name": "101606",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101606"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K22541983"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "DATE_PUBLIC": "2017-10-26T00:00:00",
          "ID": "CVE-2017-6163",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "12.0.0 - 12.1.2"
                          },
                          {
                            "version_value": "11.6.0 \u0026#xe2"
                          },
                          {
                            "version_value": "\u0026#x80"
                          },
                          {
                            "version_value": "\" 11.6.1"
                          },
                          {
                            "version_value": "11.4.0 \u0026#xe2"
                          },
                          {
                            "version_value": "\u0026#x80"
                          },
                          {
                            "version_value": "\" 11.5.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams beyond the advertised limit can cause a disruption of service. Remote client initiating stream beyond the advertised limit can cause a disruption of service. The Traffic Management Microkernel (TMM) data plane is exposed to this issue; the control plane is not exposed."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "denial of service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039671",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039671"
            },
            {
              "name": "101606",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101606"
            },
            {
              "name": "https://support.f5.com/csp/article/K22541983",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K22541983"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2017-6163",
    "datePublished": "2017-10-27T14:00:00Z",
    "dateReserved": "2017-02-21T00:00:00",
    "dateUpdated": "2024-09-16T20:37:49.159Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-15317
Vulnerability from cvelistv5
Published
2018-10-31 14:00
Modified
2024-08-05 09:46
Severity ?
Summary
In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.2.1-11.6.3.2, an attacker sending specially crafted SSL records to a SSL Virtual Server will cause corruption in the SSL data structures leading to intermittent decrypt BAD_RECORD_MAC errors. Clients will be unable to access the application load balanced by a virtual server with an SSL profile until tmm is restarted.
References
https://support.f5.com/csp/article/K43625118x_refsource_CONFIRM
https://support.f5.com/csp/article/K43625118?utm_source=f5support&amp%3Butm_medium=RSSx_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:46:25.577Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K43625118"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K43625118?utm_source=f5support\u0026amp%3Butm_medium=RSS"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, 11.2.1-11.5.6"
            }
          ]
        }
      ],
      "datePublic": "2018-10-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.2.1-11.6.3.2, an attacker sending specially crafted SSL records to a SSL Virtual Server will cause corruption in the SSL data structures leading to intermittent decrypt BAD_RECORD_MAC errors. Clients will be unable to access the application load balanced by a virtual server with an SSL profile until tmm is restarted."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "DoS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-09T19:07:46",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K43625118"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K43625118?utm_source=f5support\u0026amp%3Butm_medium=RSS"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2018-15317",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, 11.2.1-11.5.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.2.1-11.6.3.2, an attacker sending specially crafted SSL records to a SSL Virtual Server will cause corruption in the SSL data structures leading to intermittent decrypt BAD_RECORD_MAC errors. Clients will be unable to access the application load balanced by a virtual server with an SSL profile until tmm is restarted."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "DoS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K43625118",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K43625118"
            },
            {
              "name": "https://support.f5.com/csp/article/K43625118?utm_source=f5support\u0026amp;utm_medium=RSS",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K43625118?utm_source=f5support\u0026amp;utm_medium=RSS"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2018-15317",
    "datePublished": "2018-10-31T14:00:00",
    "dateReserved": "2018-08-14T00:00:00",
    "dateUpdated": "2024-08-05T09:46:25.577Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-15325
Vulnerability from cvelistv5
Published
2018-10-31 14:00
Modified
2024-08-05 09:54
Severity ?
Summary
In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, iControl and TMSH usage by authenticated users may leak a small amount of memory when executing commands
References
https://support.f5.com/csp/article/K77313277x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:01.936Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K77313277"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "14.0.0-14.0.0.2, 13.0.0-13.1.1.1"
            }
          ]
        }
      ],
      "datePublic": "2018-10-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, iControl and TMSH usage by authenticated users may leak a small amount of memory when executing commands"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "DoS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-31T13:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K77313277"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2018-15325",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "14.0.0-14.0.0.2, 13.0.0-13.1.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, iControl and TMSH usage by authenticated users may leak a small amount of memory when executing commands"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "DoS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K77313277",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K77313277"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2018-15325",
    "datePublished": "2018-10-31T14:00:00",
    "dateReserved": "2018-08-14T00:00:00",
    "dateUpdated": "2024-08-05T09:54:01.936Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8022
Vulnerability from cvelistv5
Published
2016-08-19 21:00
Modified
2024-08-06 08:06
Severity ?
Summary
The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF16 and 11.3.0; and BIG-IP PSM 11.x before 11.2.1 HF16, 11.3.x, and 11.4.x before 11.4.1 HF10 allows remote authenticated users with certain permissions to gain privileges by leveraging an Access Policy Manager customization configuration section that allows file uploads.
References
https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.htmlx_refsource_CONFIRM
http://www.securitytracker.com/id/1036627vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:06:31.559Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html"
          },
          {
            "name": "1036627",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036627"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF16 and 11.3.0; and BIG-IP PSM 11.x before 11.2.1 HF16, 11.3.x, and 11.4.x before 11.4.1 HF10 allows remote authenticated users with certain permissions to gain privileges by leveraging an Access Policy Manager customization configuration section that allows file uploads."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-08-19T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html"
        },
        {
          "name": "1036627",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036627"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8022",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF16 and 11.3.0; and BIG-IP PSM 11.x before 11.2.1 HF16, 11.3.x, and 11.4.x before 11.4.1 HF10 allows remote authenticated users with certain permissions to gain privileges by leveraging an Access Policy Manager customization configuration section that allows file uploads."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html"
            },
            {
              "name": "1036627",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036627"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8022",
    "datePublished": "2016-08-19T21:00:00",
    "dateReserved": "2015-10-28T00:00:00",
    "dateUpdated": "2024-08-06T08:06:31.559Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-6876
Vulnerability from cvelistv5
Published
2016-09-07 19:00
Modified
2024-08-06 01:43
Severity ?
Summary
The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP Analytics 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP DNS 12.0.0 before HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 10.2.1 through 10.2.4 and 11.2.1; BIG-IP GTM 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 10.2.1 through 10.2.4 and 11.4.0 through 11.4.1 allows remote DNS servers to cause a denial of service (CPU consumption or Traffic Management Microkernel crash) via a crafted PTR response.
References
http://www.securitytracker.com/id/1036725vdb-entry, x_refsource_SECTRACK
https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.htmlx_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:43:38.465Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1036725",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036725"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP Analytics 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP DNS 12.0.0 before HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 10.2.1 through 10.2.4 and 11.2.1; BIG-IP GTM 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 10.2.1 through 10.2.4 and 11.4.0 through 11.4.1 allows remote DNS servers to cause a denial of service (CPU consumption or Traffic Management Microkernel crash) via a crafted PTR response."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-09-07T18:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1036725",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036725"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-6876",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP Analytics 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP DNS 12.0.0 before HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 10.2.1 through 10.2.4 and 11.2.1; BIG-IP GTM 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 10.2.1 through 10.2.4 and 11.4.0 through 11.4.1 allows remote DNS servers to cause a denial of service (CPU consumption or Traffic Management Microkernel crash) via a crafted PTR response."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1036725",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036725"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-6876",
    "datePublished": "2016-09-07T19:00:00",
    "dateReserved": "2016-08-18T00:00:00",
    "dateUpdated": "2024-08-06T01:43:38.465Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-7169
Vulnerability from cvelistv5
Published
2014-09-25 01:00
Modified
2024-08-06 12:40
Severity ?
Summary
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
References
http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.htmlx_refsource_MISC
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21685749x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2014/09/24/32mailing-list, x_refsource_MLIST
http://marc.info/?l=bugtraq&m=141577137423233&w=2vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=141216668515282&w=2vendor-advisory, x_refsource_HP
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlertsx_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141383138121313&w=2vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=142721162228379&w=2vendor-advisory, x_refsource_HP
http://www.securityfocus.com/archive/1/533593/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://marc.info/?l=bugtraq&m=142358026505815&w=2vendor-advisory, x_refsource_HP
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.htmlvendor-advisory, x_refsource_SUSE
http://www-01.ibm.com/support/docview.wss?uid=swg21686084x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21686479x_refsource_CONFIRM
http://secunia.com/advisories/61188third-party-advisory, x_refsource_SECUNIA
http://jvn.jp/en/jp/JVN55667175/index.htmlthird-party-advisory, x_refsource_JVN
http://secunia.com/advisories/61676third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/60433third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=141383026420882&w=2vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=141585637922673&w=2vendor-advisory, x_refsource_HP
http://rhn.redhat.com/errata/RHSA-2014-1306.htmlvendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=141576728022234&w=2vendor-advisory, x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=swg21685541x_refsource_CONFIRM
http://secunia.com/advisories/61715third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-2363-2vendor-advisory, x_refsource_UBUNTU
http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.htmlx_refsource_CONFIRM
http://secunia.com/advisories/61816third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/61442third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=142358078406056&w=2vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=142805027510172&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61283third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=142113462216480&w=2vendor-advisory, x_refsource_HP
https://kc.mcafee.com/corporate/index?page=content&id=SB10085x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/61654third-party-advisory, x_refsource_SECUNIA
http://www.novell.com/support/kb/doc.php?id=7015701x_refsource_CONFIRM
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315x_refsource_CONFIRM
http://secunia.com/advisories/62312third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59272third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=141319209015420&w=2vendor-advisory, x_refsource_HP
https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.htmlx_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141879528318582&w=2vendor-advisory, x_refsource_HP
http://rhn.redhat.com/errata/RHSA-2014-1312.htmlvendor-advisory, x_refsource_REDHAT
http://www-01.ibm.com/support/docview.wss?uid=swg21685604x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-2363-1vendor-advisory, x_refsource_UBUNTU
http://marc.info/?l=bugtraq&m=142118135300698&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61703third-party-advisory, x_refsource_SECUNIA
http://support.apple.com/kb/HT6495x_refsource_CONFIRM
http://www.kb.cert.org/vuls/id/252743third-party-advisory, x_refsource_CERT-VN
http://secunia.com/advisories/61065third-party-advisory, x_refsource_SECUNIA
http://linux.oracle.com/errata/ELSA-2014-3075.htmlx_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141383196021590&w=2vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=141383081521087&w=2vendor-advisory, x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=swg21686445x_refsource_CONFIRM
http://support.novell.com/security/cve/CVE-2014-7169.htmlx_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21686131x_refsource_CONFIRM
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126third-party-advisory, x_refsource_JVNDB
http://marc.info/?l=bugtraq&m=141879528318582&w=2vendor-advisory, x_refsource_HP
http://www.us-cert.gov/ncas/alerts/TA14-268Athird-party-advisory, x_refsource_CERT
http://secunia.com/advisories/61641third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.htmlvendor-advisory, x_refsource_SUSE
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648x_refsource_CONFIRM
https://access.redhat.com/node/1200223x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.htmlvendor-advisory, x_refsource_SUSE
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898x_refsource_CONFIRM
http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.htmlvendor-advisory, x_refsource_APPLE
http://www-01.ibm.com/support/docview.wss?uid=swg21685914x_refsource_CONFIRM
http://seclists.org/fulldisclosure/2014/Oct/0mailing-list, x_refsource_FULLDISC
http://www.mandriva.com/security/advisories?name=MDVSA-2015:164vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/61619third-party-advisory, x_refsource_SECUNIA
http://linux.oracle.com/errata/ELSA-2014-3078.htmlx_refsource_CONFIRM
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=142721162228379&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/60325third-party-advisory, x_refsource_SECUNIA
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixesx_refsource_CONFIRM
http://secunia.com/advisories/60024third-party-advisory, x_refsource_SECUNIA
http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.htmlx_refsource_MISC
https://www.exploit-db.com/exploits/34879/exploit, x_refsource_EXPLOIT-DB
http://secunia.com/advisories/61622third-party-advisory, x_refsource_SECUNIA
https://access.redhat.com/articles/1200223x_refsource_CONFIRM
http://secunia.com/advisories/62343third-party-advisory, x_refsource_SECUNIA
http://advisories.mageia.org/MGASA-2014-0393.htmlx_refsource_CONFIRM
http://secunia.com/advisories/61565third-party-advisory, x_refsource_SECUNIA
https://www.suse.com/support/shellshock/x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141450491804793&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61313third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=142358026505815&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61873third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61485third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/61618third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/60947third-party-advisory, x_refsource_SECUNIA
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183x_refsource_CONFIRM
https://support.apple.com/kb/HT6535x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141577297623641&w=2vendor-advisory, x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141383244821813&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61312third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/60193third-party-advisory, x_refsource_SECUNIA
http://www.vmware.com/security/advisories/VMSA-2014-0010.htmlx_refsource_CONFIRM
http://secunia.com/advisories/61479third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/60063third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/60034third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=141330425327438&w=2vendor-advisory, x_refsource_HP
http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.htmlx_refsource_MISC
http://secunia.com/advisories/59907third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/58200third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=141577241923505&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61643third-party-advisory, x_refsource_SECUNIA
http://twitter.com/taviso/statuses/514887394294652929x_refsource_MISC
http://www.novell.com/support/kb/doc.php?id=7015721x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21687079x_refsource_CONFIRM
http://secunia.com/advisories/61503third-party-advisory, x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21686246x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2014-1354.htmlvendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=141216207813411&w=2vendor-advisory, x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141383465822787&w=2vendor-advisory, x_refsource_HP
http://www.qnap.com/i/en/support/con_show.php?cid=61x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141694386919794&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61552third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61780third-party-advisory, x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279x_refsource_CONFIRM
https://support.citrix.com/article/CTX200223x_refsource_CONFIRM
http://linux.oracle.com/errata/ELSA-2014-3077.htmlx_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21686447x_refsource_CONFIRM
http://secunia.com/advisories/62228third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=141330468527613&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61855third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=141235957116749&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/60044third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61291third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=141345648114150&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/59737third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61287third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=141383353622268&w=2vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=142118135300698&w=2vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=142118135300698&w=2vendor-advisory, x_refsource_HP
http://secunia.com/advisories/61711third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=142113462216480&w=2vendor-advisory, x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141383304022067&w=2vendor-advisory, x_refsource_HP
http://rhn.redhat.com/errata/RHSA-2014-1311.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/61128third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2014/dsa-3035vendor-advisory, x_refsource_DEBIAN
https://support.citrix.com/article/CTX200217x_refsource_CONFIRM
http://secunia.com/advisories/61471third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/60055third-party-advisory, x_refsource_SECUNIA
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bashvendor-advisory, x_refsource_CISCO
http://secunia.com/advisories/61550third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61633third-party-advisory, x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21686494x_refsource_CONFIRM
http://linux.oracle.com/errata/ELSA-2014-1306.htmlx_refsource_CONFIRM
https://kb.bluecoat.com/index?page=content&id=SA82x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/61328third-party-advisory, x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21685733x_refsource_CONFIRM
http://secunia.com/advisories/61129third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61700third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61626third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61603third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61857third-party-advisory, x_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879x_refsource_CONFIRM
https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006x_refsource_MISC
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:40:19.217Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
          },
          {
            "name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
          },
          {
            "name": "HPSBMU03165",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
          },
          {
            "name": "HPSBHF03119",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
          },
          {
            "name": "HPSBST03131",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
          },
          {
            "name": "SSRT101819",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
          },
          {
            "name": "HPSBMU03245",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "name": "openSUSE-SU-2014:1229",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
          },
          {
            "name": "61188",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61188"
          },
          {
            "name": "JVN#55667175",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
          },
          {
            "name": "61676",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61676"
          },
          {
            "name": "openSUSE-SU-2014:1254",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
          },
          {
            "name": "60433",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60433"
          },
          {
            "name": "HPSBMU03143",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
          },
          {
            "name": "HPSBMU03182",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
          },
          {
            "name": "RHSA-2014:1306",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
          },
          {
            "name": "HPSBST03155",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
          },
          {
            "name": "61715",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61715"
          },
          {
            "name": "USN-2363-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2363-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
          },
          {
            "name": "61816",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61816"
          },
          {
            "name": "openSUSE-SU-2014:1310",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
          },
          {
            "name": "61442",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61442"
          },
          {
            "name": "HPSBMU03246",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
          },
          {
            "name": "HPSBST03195",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
          },
          {
            "name": "61283",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61283"
          },
          {
            "name": "SSRT101711",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
          },
          {
            "name": "openSUSE-SU-2014:1308",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
          },
          {
            "name": "61654",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61654"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
          },
          {
            "name": "62312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62312"
          },
          {
            "name": "59272",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59272"
          },
          {
            "name": "HPSBST03122",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
          },
          {
            "name": "HPSBMU03217",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "name": "RHSA-2014:1312",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
          },
          {
            "name": "USN-2363-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2363-1"
          },
          {
            "name": "SSRT101868",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "61703",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61703"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT6495"
          },
          {
            "name": "VU#252743",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/252743"
          },
          {
            "name": "61065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61065"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
          },
          {
            "name": "HPSBST03129",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
          },
          {
            "name": "HPSBMU03144",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
          },
          {
            "name": "JVNDB-2014-000126",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
          },
          {
            "name": "SSRT101827",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
          },
          {
            "name": "TA14-268A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
          },
          {
            "name": "61641",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61641"
          },
          {
            "name": "SUSE-SU-2014:1247",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/node/1200223"
          },
          {
            "name": "SUSE-SU-2014:1287",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
          },
          {
            "name": "APPLE-SA-2014-10-16-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
          },
          {
            "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
          },
          {
            "name": "MDVSA-2015:164",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
          },
          {
            "name": "61619",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61619"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
          },
          {
            "name": "HPSBMU03220",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
          },
          {
            "name": "60325",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60325"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
          },
          {
            "name": "60024",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60024"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
          },
          {
            "name": "34879",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/34879/"
          },
          {
            "name": "61622",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61622"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/articles/1200223"
          },
          {
            "name": "62343",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62343"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://advisories.mageia.org/MGASA-2014-0393.html"
          },
          {
            "name": "61565",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61565"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.suse.com/support/shellshock/"
          },
          {
            "name": "HPSBST03157",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
          },
          {
            "name": "61313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61313"
          },
          {
            "name": "SSRT101742",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
          },
          {
            "name": "61873",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61873"
          },
          {
            "name": "61485",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61485"
          },
          {
            "name": "openSUSE-SU-2014:1242",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
          },
          {
            "name": "61618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61618"
          },
          {
            "name": "60947",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60947"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT6535"
          },
          {
            "name": "HPSBST03154",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
          },
          {
            "name": "HPSBGN03142",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
          },
          {
            "name": "61312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61312"
          },
          {
            "name": "60193",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60193"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
          },
          {
            "name": "61479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61479"
          },
          {
            "name": "60063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60063"
          },
          {
            "name": "60034",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60034"
          },
          {
            "name": "HPSBMU03133",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
          },
          {
            "name": "59907",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59907"
          },
          {
            "name": "58200",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/58200"
          },
          {
            "name": "HPSBST03181",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
          },
          {
            "name": "61643",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61643"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://twitter.com/taviso/statuses/514887394294652929"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
          },
          {
            "name": "61503",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61503"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
          },
          {
            "name": "RHSA-2014:1354",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
          },
          {
            "name": "HPSBGN03117",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
          },
          {
            "name": "HPSBHF03145",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
          },
          {
            "name": "HPSBST03148",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
          },
          {
            "name": "61552",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61552"
          },
          {
            "name": "61780",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61780"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200223"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
          },
          {
            "name": "62228",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62228"
          },
          {
            "name": "HPSBGN03138",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
          },
          {
            "name": "61855",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61855"
          },
          {
            "name": "HPSBHF03124",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
          },
          {
            "name": "60044",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60044"
          },
          {
            "name": "61291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61291"
          },
          {
            "name": "HPSBHF03125",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
          },
          {
            "name": "59737",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59737"
          },
          {
            "name": "61287",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61287"
          },
          {
            "name": "HPSBHF03146",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
          },
          {
            "name": "HPSBGN03233",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "SSRT101739",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "name": "61711",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61711"
          },
          {
            "name": "HPSBOV03228",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
          },
          {
            "name": "HPSBGN03141",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
          },
          {
            "name": "RHSA-2014:1311",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
          },
          {
            "name": "61128",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61128"
          },
          {
            "name": "DSA-3035",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-3035"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX200217"
          },
          {
            "name": "61471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61471"
          },
          {
            "name": "60055",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60055"
          },
          {
            "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
          },
          {
            "name": "61550",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61550"
          },
          {
            "name": "61633",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61633"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
          },
          {
            "name": "SUSE-SU-2014:1259",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
          },
          {
            "name": "61328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
          },
          {
            "name": "61129",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61129"
          },
          {
            "name": "61700",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61700"
          },
          {
            "name": "61626",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61626"
          },
          {
            "name": "61603",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61603"
          },
          {
            "name": "61857",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61857"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-05T16:41:42",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
        },
        {
          "name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
        },
        {
          "name": "HPSBMU03165",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
        },
        {
          "name": "HPSBHF03119",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
        },
        {
          "name": "HPSBST03131",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
        },
        {
          "name": "SSRT101819",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
        },
        {
          "name": "HPSBMU03245",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "name": "openSUSE-SU-2014:1229",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
        },
        {
          "name": "61188",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61188"
        },
        {
          "name": "JVN#55667175",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
        },
        {
          "name": "61676",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61676"
        },
        {
          "name": "openSUSE-SU-2014:1254",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
        },
        {
          "name": "60433",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60433"
        },
        {
          "name": "HPSBMU03143",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
        },
        {
          "name": "HPSBMU03182",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
        },
        {
          "name": "RHSA-2014:1306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
        },
        {
          "name": "HPSBST03155",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
        },
        {
          "name": "61715",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61715"
        },
        {
          "name": "USN-2363-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2363-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
        },
        {
          "name": "61816",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61816"
        },
        {
          "name": "openSUSE-SU-2014:1310",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
        },
        {
          "name": "61442",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61442"
        },
        {
          "name": "HPSBMU03246",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
        },
        {
          "name": "HPSBST03195",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
        },
        {
          "name": "61283",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61283"
        },
        {
          "name": "SSRT101711",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
        },
        {
          "name": "openSUSE-SU-2014:1308",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
        },
        {
          "name": "61654",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61654"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
        },
        {
          "name": "62312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62312"
        },
        {
          "name": "59272",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59272"
        },
        {
          "name": "HPSBST03122",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
        },
        {
          "name": "HPSBMU03217",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "name": "RHSA-2014:1312",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
        },
        {
          "name": "USN-2363-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2363-1"
        },
        {
          "name": "SSRT101868",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "61703",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61703"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT6495"
        },
        {
          "name": "VU#252743",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/252743"
        },
        {
          "name": "61065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61065"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
        },
        {
          "name": "HPSBST03129",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
        },
        {
          "name": "HPSBMU03144",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
        },
        {
          "name": "JVNDB-2014-000126",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
        },
        {
          "name": "SSRT101827",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
        },
        {
          "name": "TA14-268A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
        },
        {
          "name": "61641",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61641"
        },
        {
          "name": "SUSE-SU-2014:1247",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/node/1200223"
        },
        {
          "name": "SUSE-SU-2014:1287",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
        },
        {
          "name": "APPLE-SA-2014-10-16-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
        },
        {
          "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
        },
        {
          "name": "MDVSA-2015:164",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
        },
        {
          "name": "61619",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61619"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
        },
        {
          "name": "HPSBMU03220",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
        },
        {
          "name": "60325",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60325"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
        },
        {
          "name": "60024",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60024"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
        },
        {
          "name": "34879",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/34879/"
        },
        {
          "name": "61622",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61622"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/articles/1200223"
        },
        {
          "name": "62343",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62343"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://advisories.mageia.org/MGASA-2014-0393.html"
        },
        {
          "name": "61565",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61565"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.suse.com/support/shellshock/"
        },
        {
          "name": "HPSBST03157",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
        },
        {
          "name": "61313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61313"
        },
        {
          "name": "SSRT101742",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
        },
        {
          "name": "61873",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61873"
        },
        {
          "name": "61485",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61485"
        },
        {
          "name": "openSUSE-SU-2014:1242",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
        },
        {
          "name": "61618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61618"
        },
        {
          "name": "60947",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60947"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT6535"
        },
        {
          "name": "HPSBST03154",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
        },
        {
          "name": "HPSBGN03142",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
        },
        {
          "name": "61312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61312"
        },
        {
          "name": "60193",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60193"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
        },
        {
          "name": "61479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61479"
        },
        {
          "name": "60063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60063"
        },
        {
          "name": "60034",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60034"
        },
        {
          "name": "HPSBMU03133",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
        },
        {
          "name": "59907",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59907"
        },
        {
          "name": "58200",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/58200"
        },
        {
          "name": "HPSBST03181",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
        },
        {
          "name": "61643",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61643"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://twitter.com/taviso/statuses/514887394294652929"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
        },
        {
          "name": "61503",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61503"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
        },
        {
          "name": "RHSA-2014:1354",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
        },
        {
          "name": "HPSBGN03117",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
        },
        {
          "name": "HPSBHF03145",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
        },
        {
          "name": "HPSBST03148",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
        },
        {
          "name": "61552",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61552"
        },
        {
          "name": "61780",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61780"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200223"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
        },
        {
          "name": "62228",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62228"
        },
        {
          "name": "HPSBGN03138",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
        },
        {
          "name": "61855",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61855"
        },
        {
          "name": "HPSBHF03124",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
        },
        {
          "name": "60044",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60044"
        },
        {
          "name": "61291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61291"
        },
        {
          "name": "HPSBHF03125",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
        },
        {
          "name": "59737",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59737"
        },
        {
          "name": "61287",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61287"
        },
        {
          "name": "HPSBHF03146",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
        },
        {
          "name": "HPSBGN03233",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "SSRT101739",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
        },
        {
          "name": "61711",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61711"
        },
        {
          "name": "HPSBOV03228",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
        },
        {
          "name": "HPSBGN03141",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
        },
        {
          "name": "RHSA-2014:1311",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
        },
        {
          "name": "61128",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61128"
        },
        {
          "name": "DSA-3035",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-3035"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX200217"
        },
        {
          "name": "61471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61471"
        },
        {
          "name": "60055",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60055"
        },
        {
          "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
        },
        {
          "name": "61550",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61550"
        },
        {
          "name": "61633",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61633"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
        },
        {
          "name": "SUSE-SU-2014:1259",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
        },
        {
          "name": "61328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
        },
        {
          "name": "61129",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61129"
        },
        {
          "name": "61700",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61700"
        },
        {
          "name": "61626",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61626"
        },
        {
          "name": "61603",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61603"
        },
        {
          "name": "61857",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61857"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-7169",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
            },
            {
              "name": "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
            },
            {
              "name": "HPSBMU03165",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
            },
            {
              "name": "HPSBHF03119",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
            },
            {
              "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts",
              "refsource": "CONFIRM",
              "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
            },
            {
              "name": "HPSBST03131",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
            },
            {
              "name": "SSRT101819",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
            },
            {
              "name": "HPSBMU03245",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "openSUSE-SU-2014:1229",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
            },
            {
              "name": "61188",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61188"
            },
            {
              "name": "JVN#55667175",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
            },
            {
              "name": "61676",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61676"
            },
            {
              "name": "openSUSE-SU-2014:1254",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
            },
            {
              "name": "60433",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60433"
            },
            {
              "name": "HPSBMU03143",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
            },
            {
              "name": "HPSBMU03182",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
            },
            {
              "name": "RHSA-2014:1306",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
            },
            {
              "name": "HPSBST03155",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
            },
            {
              "name": "61715",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61715"
            },
            {
              "name": "USN-2363-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2363-2"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
            },
            {
              "name": "61816",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61816"
            },
            {
              "name": "openSUSE-SU-2014:1310",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
            },
            {
              "name": "61442",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61442"
            },
            {
              "name": "HPSBMU03246",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
            },
            {
              "name": "HPSBST03195",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
            },
            {
              "name": "61283",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61283"
            },
            {
              "name": "SSRT101711",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
            },
            {
              "name": "openSUSE-SU-2014:1308",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
            },
            {
              "name": "61654",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61654"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015701",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
            },
            {
              "name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315",
              "refsource": "CONFIRM",
              "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
            },
            {
              "name": "62312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62312"
            },
            {
              "name": "59272",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59272"
            },
            {
              "name": "HPSBST03122",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
            },
            {
              "name": "HPSBMU03217",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "RHSA-2014:1312",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
            },
            {
              "name": "USN-2363-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2363-1"
            },
            {
              "name": "SSRT101868",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "61703",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61703"
            },
            {
              "name": "http://support.apple.com/kb/HT6495",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT6495"
            },
            {
              "name": "VU#252743",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/252743"
            },
            {
              "name": "61065",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61065"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-3075.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
            },
            {
              "name": "HPSBST03129",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
            },
            {
              "name": "HPSBMU03144",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
            },
            {
              "name": "http://support.novell.com/security/cve/CVE-2014-7169.html",
              "refsource": "CONFIRM",
              "url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
            },
            {
              "name": "JVNDB-2014-000126",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
            },
            {
              "name": "SSRT101827",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
            },
            {
              "name": "TA14-268A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
            },
            {
              "name": "61641",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61641"
            },
            {
              "name": "SUSE-SU-2014:1247",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
            },
            {
              "name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
            },
            {
              "name": "https://access.redhat.com/node/1200223",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/node/1200223"
            },
            {
              "name": "SUSE-SU-2014:1287",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
            },
            {
              "name": "APPLE-SA-2014-10-16-1",
              "refsource": "APPLE",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
            },
            {
              "name": "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
            },
            {
              "name": "MDVSA-2015:164",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
            },
            {
              "name": "61619",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61619"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-3078.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
            },
            {
              "name": "HPSBMU03220",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
            },
            {
              "name": "60325",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60325"
            },
            {
              "name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
              "refsource": "CONFIRM",
              "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
            },
            {
              "name": "60024",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60024"
            },
            {
              "name": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
            },
            {
              "name": "34879",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/34879/"
            },
            {
              "name": "61622",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61622"
            },
            {
              "name": "https://access.redhat.com/articles/1200223",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/articles/1200223"
            },
            {
              "name": "62343",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62343"
            },
            {
              "name": "http://advisories.mageia.org/MGASA-2014-0393.html",
              "refsource": "CONFIRM",
              "url": "http://advisories.mageia.org/MGASA-2014-0393.html"
            },
            {
              "name": "61565",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61565"
            },
            {
              "name": "https://www.suse.com/support/shellshock/",
              "refsource": "CONFIRM",
              "url": "https://www.suse.com/support/shellshock/"
            },
            {
              "name": "HPSBST03157",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
            },
            {
              "name": "61313",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61313"
            },
            {
              "name": "SSRT101742",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
            },
            {
              "name": "61873",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61873"
            },
            {
              "name": "61485",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61485"
            },
            {
              "name": "openSUSE-SU-2014:1242",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
            },
            {
              "name": "61618",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61618"
            },
            {
              "name": "60947",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60947"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
            },
            {
              "name": "https://support.apple.com/kb/HT6535",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT6535"
            },
            {
              "name": "HPSBST03154",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
            },
            {
              "name": "HPSBGN03142",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
            },
            {
              "name": "61312",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61312"
            },
            {
              "name": "60193",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60193"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
            },
            {
              "name": "61479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61479"
            },
            {
              "name": "60063",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60063"
            },
            {
              "name": "60034",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60034"
            },
            {
              "name": "HPSBMU03133",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
            },
            {
              "name": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html",
              "refsource": "MISC",
              "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
            },
            {
              "name": "59907",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59907"
            },
            {
              "name": "58200",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/58200"
            },
            {
              "name": "HPSBST03181",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
            },
            {
              "name": "61643",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61643"
            },
            {
              "name": "http://twitter.com/taviso/statuses/514887394294652929",
              "refsource": "MISC",
              "url": "http://twitter.com/taviso/statuses/514887394294652929"
            },
            {
              "name": "http://www.novell.com/support/kb/doc.php?id=7015721",
              "refsource": "CONFIRM",
              "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
            },
            {
              "name": "61503",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61503"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
            },
            {
              "name": "RHSA-2014:1354",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
            },
            {
              "name": "HPSBGN03117",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
            },
            {
              "name": "HPSBHF03145",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
            },
            {
              "name": "http://www.qnap.com/i/en/support/con_show.php?cid=61",
              "refsource": "CONFIRM",
              "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
            },
            {
              "name": "HPSBST03148",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
            },
            {
              "name": "61552",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61552"
            },
            {
              "name": "61780",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61780"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
            },
            {
              "name": "https://support.citrix.com/article/CTX200223",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200223"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-3077.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
            },
            {
              "name": "62228",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62228"
            },
            {
              "name": "HPSBGN03138",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
            },
            {
              "name": "61855",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61855"
            },
            {
              "name": "HPSBHF03124",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
            },
            {
              "name": "60044",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60044"
            },
            {
              "name": "61291",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61291"
            },
            {
              "name": "HPSBHF03125",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
            },
            {
              "name": "59737",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59737"
            },
            {
              "name": "61287",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61287"
            },
            {
              "name": "HPSBHF03146",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
            },
            {
              "name": "HPSBGN03233",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "SSRT101739",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
            },
            {
              "name": "61711",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61711"
            },
            {
              "name": "HPSBOV03228",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
            },
            {
              "name": "HPSBGN03141",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
            },
            {
              "name": "RHSA-2014:1311",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
            },
            {
              "name": "61128",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61128"
            },
            {
              "name": "DSA-3035",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-3035"
            },
            {
              "name": "https://support.citrix.com/article/CTX200217",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX200217"
            },
            {
              "name": "61471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61471"
            },
            {
              "name": "60055",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60055"
            },
            {
              "name": "20140926 GNU Bash Environmental Variable Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
            },
            {
              "name": "61550",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61550"
            },
            {
              "name": "61633",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61633"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
            },
            {
              "name": "http://linux.oracle.com/errata/ELSA-2014-1306.html",
              "refsource": "CONFIRM",
              "url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
            },
            {
              "name": "https://kb.bluecoat.com/index?page=content\u0026id=SA82",
              "refsource": "CONFIRM",
              "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
            },
            {
              "name": "SUSE-SU-2014:1259",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
            },
            {
              "name": "61328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61328"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
            },
            {
              "name": "61129",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61129"
            },
            {
              "name": "61700",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61700"
            },
            {
              "name": "61626",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61626"
            },
            {
              "name": "61603",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61603"
            },
            {
              "name": "61857",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61857"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
            },
            {
              "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006",
              "refsource": "MISC",
              "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-7169",
    "datePublished": "2014-09-25T01:00:00",
    "dateReserved": "2014-09-24T00:00:00",
    "dateUpdated": "2024-08-06T12:40:19.217Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-4023
Vulnerability from cvelistv5
Published
2014-10-28 14:00
Modified
2024-08-06 11:04
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txtx_refsource_MISC
https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.htmlx_refsource_CONFIRM
http://www.securitytracker.com/id/1030776vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:04:27.745Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html"
          },
          {
            "name": "1030776",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030776"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-08-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-05-12T14:57:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html"
        },
        {
          "name": "1030776",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030776"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-4023",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt",
              "refsource": "MISC",
              "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html"
            },
            {
              "name": "1030776",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030776"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-4023",
    "datePublished": "2014-10-28T14:00:00",
    "dateReserved": "2014-06-11T00:00:00",
    "dateUpdated": "2024-08-06T11:04:27.745Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-3628
Vulnerability from cvelistv5
Published
2015-12-07 20:00
Modified
2024-08-06 05:47
Severity ?
Summary
The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP AAM 11.4.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0, BIG-IP GTM 11.3.0 before 11.6.0 HF6, BIG-IP PSM 11.3.0 through 11.4.1, Enterprise Manager 3.1.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote authenticated users with the "Resource Administrator" role to gain privileges via an iCall (1) script or (2) handler in a SOAP request to iControl/iControlPortal.cgi.
References
https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.htmlx_refsource_CONFIRM
http://www.securitytracker.com/id/1034307vdb-entry, x_refsource_SECTRACK
https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.htmlx_refsource_MISC
http://www.securitytracker.com/id/1034306vdb-entry, x_refsource_SECTRACK
http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmdx_refsource_MISC
https://www.exploit-db.com/exploits/38764/exploit, x_refsource_EXPLOIT-DB
http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.htmlx_refsource_MISC
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:47:57.891Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.html"
          },
          {
            "name": "1034307",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034307"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html"
          },
          {
            "name": "1034306",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034306"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmd"
          },
          {
            "name": "38764",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/38764/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP AAM 11.4.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0, BIG-IP GTM 11.3.0 before 11.6.0 HF6, BIG-IP PSM 11.3.0 through 11.4.1, Enterprise Manager 3.1.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote authenticated users with the \"Resource Administrator\" role to gain privileges via an iCall (1) script or (2) handler in a SOAP request to iControl/iControlPortal.cgi."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-12T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.html"
        },
        {
          "name": "1034307",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034307"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html"
        },
        {
          "name": "1034306",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034306"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmd"
        },
        {
          "name": "38764",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/38764/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-3628",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP AAM 11.4.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0, BIG-IP GTM 11.3.0 before 11.6.0 HF6, BIG-IP PSM 11.3.0 through 11.4.1, Enterprise Manager 3.1.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote authenticated users with the \"Resource Administrator\" role to gain privileges via an iCall (1) script or (2) handler in a SOAP request to iControl/iControlPortal.cgi."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.html"
            },
            {
              "name": "1034307",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034307"
            },
            {
              "name": "https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html",
              "refsource": "MISC",
              "url": "https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html"
            },
            {
              "name": "1034306",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034306"
            },
            {
              "name": "http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmd",
              "refsource": "MISC",
              "url": "http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmd"
            },
            {
              "name": "38764",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/38764/"
            },
            {
              "name": "http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-3628",
    "datePublished": "2015-12-07T20:00:00",
    "dateReserved": "2015-04-30T00:00:00",
    "dateUpdated": "2024-08-06T05:47:57.891Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-3587
Vulnerability from cvelistv5
Published
2020-02-21 17:11
Modified
2024-08-06 16:14
Severity ?
Summary
The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack, a different issue than CVE-2012-4929.
References
http://breachattack.com/x_refsource_MISC
http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407x_refsource_MISC
http://slashdot.org/story/13/08/05/233216x_refsource_MISC
http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdfx_refsource_MISC
https://www.blackhat.com/us-13/briefings.html#Pradox_refsource_MISC
http://github.com/meldium/breach-mitigation-railsx_refsource_MISC
https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/x_refsource_MISC
http://www.kb.cert.org/vuls/id/987798x_refsource_MISC
https://hackerone.com/reports/254895x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=995168x_refsource_MISC
https://support.f5.com/csp/article/K14634x_refsource_MISC
https://lists.apache.org/thread.html/r7f0e9cfd166934172d43ca4c272b8bdda4a343036229d9937affd1e1%40%3Cdev.httpd.apache.org%3Emailing-list, x_refsource_MLIST
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:14:56.365Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://breachattack.com/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://slashdot.org/story/13/08/05/233216"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.blackhat.com/us-13/briefings.html#Prado"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://github.com/meldium/breach-mitigation-rails"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/987798"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://hackerone.com/reports/254895"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=995168"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K14634"
          },
          {
            "name": "[httpd-dev] 20210409 GSOC project Idea- fix for CVE-2013-3587",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r7f0e9cfd166934172d43ca4c272b8bdda4a343036229d9937affd1e1%40%3Cdev.httpd.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "HTTPS protocol",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "all"
            }
          ]
        }
      ],
      "datePublic": "2012-09-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a \"BREACH\" attack, a different issue than CVE-2012-4929."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-10T00:06:26",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://breachattack.com/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://slashdot.org/story/13/08/05/233216"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.blackhat.com/us-13/briefings.html#Prado"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://github.com/meldium/breach-mitigation-rails"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.kb.cert.org/vuls/id/987798"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://hackerone.com/reports/254895"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=995168"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.f5.com/csp/article/K14634"
        },
        {
          "name": "[httpd-dev] 20210409 GSOC project Idea- fix for CVE-2013-3587",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r7f0e9cfd166934172d43ca4c272b8bdda4a343036229d9937affd1e1%40%3Cdev.httpd.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2013-3587",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "HTTPS protocol",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "all"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a \"BREACH\" attack, a different issue than CVE-2012-4929."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://breachattack.com/",
              "refsource": "MISC",
              "url": "http://breachattack.com/"
            },
            {
              "name": "http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407",
              "refsource": "MISC",
              "url": "http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407"
            },
            {
              "name": "http://slashdot.org/story/13/08/05/233216",
              "refsource": "MISC",
              "url": "http://slashdot.org/story/13/08/05/233216"
            },
            {
              "name": "http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf",
              "refsource": "MISC",
              "url": "http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf"
            },
            {
              "name": "https://www.blackhat.com/us-13/briefings.html#Prado",
              "refsource": "MISC",
              "url": "https://www.blackhat.com/us-13/briefings.html#Prado"
            },
            {
              "name": "http://github.com/meldium/breach-mitigation-rails",
              "refsource": "MISC",
              "url": "http://github.com/meldium/breach-mitigation-rails"
            },
            {
              "name": "https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/",
              "refsource": "MISC",
              "url": "https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/"
            },
            {
              "name": "http://www.kb.cert.org/vuls/id/987798",
              "refsource": "MISC",
              "url": "http://www.kb.cert.org/vuls/id/987798"
            },
            {
              "name": "https://hackerone.com/reports/254895",
              "refsource": "MISC",
              "url": "https://hackerone.com/reports/254895"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=995168",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=995168"
            },
            {
              "name": "https://support.f5.com/csp/article/K14634",
              "refsource": "MISC",
              "url": "https://support.f5.com/csp/article/K14634"
            },
            {
              "name": "[httpd-dev] 20210409 GSOC project Idea- fix for CVE-2013-3587",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r7f0e9cfd166934172d43ca4c272b8bdda4a343036229d9937affd1e1@%3Cdev.httpd.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2013-3587",
    "datePublished": "2020-02-21T17:11:47",
    "dateReserved": "2013-05-21T00:00:00",
    "dateUpdated": "2024-08-06T16:14:56.365Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-9244
Vulnerability from cvelistv5
Published
2017-02-09 15:00
Modified
2024-08-06 02:42
Severity ?
Summary
A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer (SSL) session IDs from other sessions. It is possible that other data from uninitialized memory may be returned as well.
References
https://support.f5.com/csp/article/K05121675x_refsource_CONFIRM
https://www.exploit-db.com/exploits/41298/exploit, x_refsource_EXPLOIT-DB
https://filippo.io/Ticketbleed/x_refsource_MISC
http://www.securityfocus.com/bid/96143vdb-entry, x_refsource_BID
https://blog.filippo.io/finding-ticketbleed/x_refsource_MISC
http://www.securitytracker.com/id/1037800vdb-entry, x_refsource_SECTRACK
http://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.htmlx_refsource_MISC
https://github.com/0x00string/oldays/blob/master/CVE-2016-9244.pyx_refsource_MISC
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:42:11.207Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K05121675"
          },
          {
            "name": "41298",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/41298/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://filippo.io/Ticketbleed/"
          },
          {
            "name": "96143",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96143"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blog.filippo.io/finding-ticketbleed/"
          },
          {
            "name": "1037800",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037800"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/0x00string/oldays/blob/master/CVE-2016-9244.py"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, PEM, PSM",
          "vendor": "F5 Networks",
          "versions": [
            {
              "status": "affected",
              "version": "11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2"
            }
          ]
        }
      ],
      "datePublic": "2017-02-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer (SSL) session IDs from other sessions. It is possible that other data from uninitialized memory may be returned as well."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "TLS Session Ticket uninitialized memory leak",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-02-28T10:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K05121675"
        },
        {
          "name": "41298",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/41298/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://filippo.io/Ticketbleed/"
        },
        {
          "name": "96143",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96143"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blog.filippo.io/finding-ticketbleed/"
        },
        {
          "name": "1037800",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037800"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/0x00string/oldays/blob/master/CVE-2016-9244.py"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2016-9244",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, PEM, PSM",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer (SSL) session IDs from other sessions. It is possible that other data from uninitialized memory may be returned as well."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "TLS Session Ticket uninitialized memory leak"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K05121675",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K05121675"
            },
            {
              "name": "41298",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/41298/"
            },
            {
              "name": "https://filippo.io/Ticketbleed/",
              "refsource": "MISC",
              "url": "https://filippo.io/Ticketbleed/"
            },
            {
              "name": "96143",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/96143"
            },
            {
              "name": "https://blog.filippo.io/finding-ticketbleed/",
              "refsource": "MISC",
              "url": "https://blog.filippo.io/finding-ticketbleed/"
            },
            {
              "name": "1037800",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037800"
            },
            {
              "name": "http://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.html"
            },
            {
              "name": "https://github.com/0x00string/oldays/blob/master/CVE-2016-9244.py",
              "refsource": "MISC",
              "url": "https://github.com/0x00string/oldays/blob/master/CVE-2016-9244.py"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2016-9244",
    "datePublished": "2017-02-09T15:00:00",
    "dateReserved": "2016-11-09T00:00:00",
    "dateUpdated": "2024-08-06T02:42:11.207Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-7393
Vulnerability from cvelistv5
Published
2016-01-12 20:00
Modified
2024-08-06 07:51
Severity ?
Summary
dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors.
References
https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.htmlx_refsource_CONFIRM
http://securitytracker.com/id/1034632vdb-entry, x_refsource_SECTRACK
http://www.securitytracker.com/id/1034633vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:51:27.284Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html"
          },
          {
            "name": "1034632",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id/1034632"
          },
          {
            "name": "1034633",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034633"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-01-12T19:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html"
        },
        {
          "name": "1034632",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id/1034632"
        },
        {
          "name": "1034633",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034633"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-7393",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html"
            },
            {
              "name": "1034632",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id/1034632"
            },
            {
              "name": "1034633",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034633"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-7393",
    "datePublished": "2016-01-12T20:00:00",
    "dateReserved": "2015-09-29T00:00:00",
    "dateUpdated": "2024-08-06T07:51:27.284Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-15327
Vulnerability from cvelistv5
Published
2018-10-31 14:00
Modified
2024-08-05 09:54
Severity ?
Summary
In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1 or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.
References
https://support.f5.com/csp/article/K20222812x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:01.891Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K20222812"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator), Enterprise Manager",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "14.0.0-14.0.0.2, 13.0.0-13.1.1.1"
            }
          ]
        }
      ],
      "datePublic": "2018-10-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1 or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Privilege escalation",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-31T13:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K20222812"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2018-15327",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator), Enterprise Manager",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "14.0.0-14.0.0.2, 13.0.0-13.1.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1 or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Privilege escalation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K20222812",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K20222812"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2018-15327",
    "datePublished": "2018-10-31T14:00:00",
    "dateReserved": "2018-08-14T00:00:00",
    "dateUpdated": "2024-08-05T09:54:01.891Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-9252
Vulnerability from cvelistv5
Published
2017-03-27 18:00
Modified
2024-08-06 02:42
Severity ?
Summary
The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service (DoS) through unspecified vectors.
References
https://support.f5.com/csp/article/K46535047x_refsource_CONFIRM
http://www.securitytracker.com/id/1038132vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:42:11.275Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K46535047"
          },
          {
            "name": "1038132",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038132"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WebSafe",
          "vendor": "F5 Networks",
          "versions": [
            {
              "status": "affected",
              "version": "10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.2.1, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1"
            }
          ]
        }
      ],
      "datePublic": "2017-03-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service (DoS) through unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "TMM data-plane",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-11T09:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K46535047"
        },
        {
          "name": "1038132",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038132"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2016-9252",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WebSafe",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.2.1, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service (DoS) through unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "TMM data-plane"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K46535047",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K46535047"
            },
            {
              "name": "1038132",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038132"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2016-9252",
    "datePublished": "2017-03-27T18:00:00",
    "dateReserved": "2016-11-09T00:00:00",
    "dateUpdated": "2024-08-06T02:42:11.275Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-5209
Vulnerability from cvelistv5
Published
2020-01-08 00:29
Modified
2024-08-06 11:41
Severity ?
Summary
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.
References
https://support.f5.com/csp/article/K44942017x_refsource_CONFIRM
https://support.f5.com/csp/article/K44942017?utm_source=f5support&amp%3Butm_medium=RSSx_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/95841x_refsource_MISC
https://support.f5.com/csp/article/K44942017x_refsource_MISC
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:41:47.478Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K44942017"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp%3Butm_medium=RSS"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K44942017"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NTP",
          "vendor": "NTP",
          "versions": [
            {
              "status": "affected",
              "version": "4.2.7p25"
            }
          ]
        }
      ],
      "datePublic": "2014-08-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-08T00:31:11",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K44942017"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp%3Butm_medium=RSS"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.f5.com/csp/article/K44942017"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2014-5209",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NTP",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "4.2.7p25"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NTP"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K44942017",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K44942017"
            },
            {
              "name": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp;utm_medium=RSS",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp;utm_medium=RSS"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
            },
            {
              "name": "https://support.f5.com/csp/article/K44942017",
              "refsource": "MISC",
              "url": "https://support.f5.com/csp/article/K44942017"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2014-5209",
    "datePublished": "2020-01-08T00:29:42",
    "dateReserved": "2014-08-13T00:00:00",
    "dateUpdated": "2024-08-06T11:41:47.478Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8021
Vulnerability from cvelistv5
Published
2016-04-12 14:00
Modified
2024-08-06 08:06
Severity ?
Summary
Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x before 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; BIG-IP AAM 11.4.0 before HF8 and 11.4.1 before HF6; BIG-IP AFM and PEM 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; and BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF11 and 11.3.0 allows remote authenticated users to upload files via uploadImage.php.
References
http://www.securityfocus.com/bid/82340vdb-entry, x_refsource_BID
https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.htmlx_refsource_CONFIRM
http://www.securitytracker.com/id/1034781vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:06:31.555Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "82340",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/82340"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html"
          },
          {
            "name": "1034781",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034781"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x before 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; BIG-IP AAM 11.4.0 before HF8 and 11.4.1 before HF6; BIG-IP AFM and PEM 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; and BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF11 and 11.3.0 allows remote authenticated users to upload files via uploadImage.php."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "82340",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/82340"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html"
        },
        {
          "name": "1034781",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034781"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8021",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x before 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; BIG-IP AAM 11.4.0 before HF8 and 11.4.1 before HF6; BIG-IP AFM and PEM 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; and BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF11 and 11.3.0 allows remote authenticated users to upload files via uploadImage.php."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "82340",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/82340"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html"
            },
            {
              "name": "1034781",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034781"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8021",
    "datePublished": "2016-04-12T14:00:00",
    "dateReserved": "2015-10-28T00:00:00",
    "dateUpdated": "2024-08-06T08:06:31.555Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-6155
Vulnerability from cvelistv5
Published
2018-04-13 13:00
Modified
2024-09-17 03:33
Severity ?
Summary
On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or 11.2.1, malformed SPDY or HTTP/2 requests may result in a disruption of service to TMM. Data plane is only exposed when a SPDY or HTTP/2 profile is attached to a virtual server. There is no control plane exposure.
References
https://support.f5.com/csp/article/K10930474x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:18:49.880Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K10930474"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP (LTM, AAM, AFM, APM, ASM, Edge Gateway, Link Controller, PEM, PSM, WebAccelerator, WebSafe)",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "13.0.0"
            },
            {
              "status": "affected",
              "version": "12.0.0-12.1.3.1"
            },
            {
              "status": "affected",
              "version": "11.6.0-11.6.2"
            },
            {
              "status": "affected",
              "version": "11.4.1-11.5.5"
            },
            {
              "status": "affected",
              "version": "11.2.1"
            }
          ]
        }
      ],
      "datePublic": "2018-04-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or 11.2.1, malformed SPDY or HTTP/2 requests may result in a disruption of service to TMM. Data plane is only exposed when a SPDY or HTTP/2 profile is attached to a virtual server. There is no control plane exposure."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "DoS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-13T12:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K10930474"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "DATE_PUBLIC": "2018-04-12T00:00:00",
          "ID": "CVE-2017-6155",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP (LTM, AAM, AFM, APM, ASM, Edge Gateway, Link Controller, PEM, PSM, WebAccelerator, WebSafe)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "13.0.0"
                          },
                          {
                            "version_value": "12.0.0-12.1.3.1"
                          },
                          {
                            "version_value": "11.6.0-11.6.2"
                          },
                          {
                            "version_value": "11.4.1-11.5.5"
                          },
                          {
                            "version_value": "11.2.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or 11.2.1, malformed SPDY or HTTP/2 requests may result in a disruption of service to TMM. Data plane is only exposed when a SPDY or HTTP/2 profile is attached to a virtual server. There is no control plane exposure."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "DoS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K10930474",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K10930474"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2017-6155",
    "datePublished": "2018-04-13T13:00:00Z",
    "dateReserved": "2017-02-21T00:00:00",
    "dateUpdated": "2024-09-17T03:33:51.738Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-4040
Vulnerability from cvelistv5
Published
2015-09-17 16:00
Modified
2024-08-06 06:04
Severity ?
Summary
Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors.
References
http://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.htmlx_refsource_MISC
http://www.securitytracker.com/id/1033533vdb-entry, x_refsource_SECTRACK
https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.htmlx_refsource_CONFIRM
http://www.securitytracker.com/id/1033532vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:04:02.664Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html"
          },
          {
            "name": "1033533",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033533"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.html"
          },
          {
            "name": "1033532",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033532"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-06T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html"
        },
        {
          "name": "1033533",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1033533"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.html"
        },
        {
          "name": "1033532",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1033532"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-4040",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html"
            },
            {
              "name": "1033533",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1033533"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.html"
            },
            {
              "name": "1033532",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1033532"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-4040",
    "datePublished": "2015-09-17T16:00:00",
    "dateReserved": "2015-05-19T00:00:00",
    "dateUpdated": "2024-08-06T06:04:02.664Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-15322
Vulnerability from cvelistv5
Published
2018-10-31 14:00
Modified
2024-08-05 09:54
Severity ?
Summary
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 6.0.0-6.0.1, 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.0.1-2.3.0, or Enterprise Manager 3.1.1 a BIG-IP user granted with tmsh access may cause the BIG-IP system to experience denial-of-service (DoS) when the BIG-IP user uses the tmsh utility to run the edit cli preference command and proceeds to save the changes to another filename repeatedly. This action utilises storage space on the /var partition and when performed repeatedly causes the /var partition to be full.
References
https://support.f5.com/csp/article/K28003839x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:01.869Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K28003839"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe), BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration, iWorkflow, Enterprise Manager",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, 11.2.1-11.5.6"
            }
          ]
        }
      ],
      "datePublic": "2018-10-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 6.0.0-6.0.1, 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.0.1-2.3.0, or Enterprise Manager 3.1.1 a BIG-IP user granted with tmsh access may cause the BIG-IP system to experience denial-of-service (DoS) when the BIG-IP user uses the tmsh utility to run the edit cli preference command and proceeds to save the changes to another filename repeatedly. This action utilises storage space on the /var partition and when performed repeatedly causes the /var partition to be full."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "DoS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-31T13:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K28003839"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2018-15322",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe), BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration, iWorkflow, Enterprise Manager",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, 11.2.1-11.5.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 6.0.0-6.0.1, 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.0.1-2.3.0, or Enterprise Manager 3.1.1 a BIG-IP user granted with tmsh access may cause the BIG-IP system to experience denial-of-service (DoS) when the BIG-IP user uses the tmsh utility to run the edit cli preference command and proceeds to save the changes to another filename repeatedly. This action utilises storage space on the /var partition and when performed repeatedly causes the /var partition to be full."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "DoS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K28003839",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K28003839"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2018-15322",
    "datePublished": "2018-10-31T14:00:00",
    "dateReserved": "2018-08-14T00:00:00",
    "dateUpdated": "2024-08-05T09:54:01.869Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-6032
Vulnerability from cvelistv5
Published
2014-11-01 23:00
Modified
2024-08-06 12:03
Severity ?
Summary
Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, ASM, GTM, and Link Controller 11.0 through 11.6.0 and 10.0.0 through 10.2.4, AAM 11.4.0 through 11.6.0, ARM 11.3.0 through 11.6.0, Analytics 11.0.0 through 11.6.0, APM and Edge Gateway 11.0.0 through 11.6.0 and 10.1.0 through 10.2.4, PEM 11.3.0 through 11.6.0, PSM 11.0.0 through 11.4.1 and 10.0.0 through 10.2.4, and WOM 11.0.0 through 11.3.0 and 10.0.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allow remote authenticated users to read arbitrary files and cause a denial of service via a crafted request, as demonstrated using (1) viewList or (2) deal elements.
References
http://www.securitytracker.com/id/1031145vdb-entry, x_refsource_SECTRACK
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/x_refsource_MISC
http://www.securitytracker.com/id/1031144vdb-entry, x_refsource_SECTRACK
http://seclists.org/fulldisclosure/2014/Oct/128mailing-list, x_refsource_FULLDISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/98403vdb-entry, x_refsource_XF
https://exchange.xforce.ibmcloud.com/vulnerabilities/98402vdb-entry, x_refsource_XF
https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.htmlx_refsource_CONFIRM
http://seclists.org/fulldisclosure/2014/Oct/129mailing-list, x_refsource_FULLDISC
http://seclists.org/fulldisclosure/2014/Oct/130mailing-list, x_refsource_FULLDISC
http://www.securityfocus.com/bid/70834vdb-entry, x_refsource_BID
http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.htmlx_refsource_MISC
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/x_refsource_MISC
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:03:02.334Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1031145",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1031145"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/"
          },
          {
            "name": "1031144",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1031144"
          },
          {
            "name": "20141030 CVE-2014-6032 - XML External Entity Injection in F5 Networks Big-IP",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Oct/128"
          },
          {
            "name": "bigip-cve20146033-info-disc(98403)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98403"
          },
          {
            "name": "bigip-cve20146032-info-disc(98402)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98402"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.html"
          },
          {
            "name": "20141030 CVE-2014-6033 - XML External Entity Injection in F5 Networks Big-IP",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Oct/129"
          },
          {
            "name": "20141030 Re: CVE-2014-6032 - XML External Entity Injection in F5 Networks Big-IP",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Oct/130"
          },
          {
            "name": "70834",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70834"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, ASM, GTM, and Link Controller 11.0 through 11.6.0 and 10.0.0 through 10.2.4, AAM 11.4.0 through 11.6.0, ARM 11.3.0 through 11.6.0, Analytics 11.0.0 through 11.6.0, APM and Edge Gateway 11.0.0 through 11.6.0 and 10.1.0 through 10.2.4, PEM 11.3.0 through 11.6.0, PSM 11.0.0 through 11.4.1 and 10.0.0 through 10.2.4, and WOM 11.0.0 through 11.3.0 and 10.0.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allow remote authenticated users to read arbitrary files and cause a denial of service via a crafted request, as demonstrated using (1) viewList or (2) deal elements."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-07T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1031145",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1031145"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/"
        },
        {
          "name": "1031144",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1031144"
        },
        {
          "name": "20141030 CVE-2014-6032 - XML External Entity Injection in F5 Networks Big-IP",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Oct/128"
        },
        {
          "name": "bigip-cve20146033-info-disc(98403)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98403"
        },
        {
          "name": "bigip-cve20146032-info-disc(98402)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98402"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.html"
        },
        {
          "name": "20141030 CVE-2014-6033 - XML External Entity Injection in F5 Networks Big-IP",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Oct/129"
        },
        {
          "name": "20141030 Re: CVE-2014-6032 - XML External Entity Injection in F5 Networks Big-IP",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Oct/130"
        },
        {
          "name": "70834",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70834"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-6032",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, ASM, GTM, and Link Controller 11.0 through 11.6.0 and 10.0.0 through 10.2.4, AAM 11.4.0 through 11.6.0, ARM 11.3.0 through 11.6.0, Analytics 11.0.0 through 11.6.0, APM and Edge Gateway 11.0.0 through 11.6.0 and 10.1.0 through 10.2.4, PEM 11.3.0 through 11.6.0, PSM 11.0.0 through 11.4.1 and 10.0.0 through 10.2.4, and WOM 11.0.0 through 11.3.0 and 10.0.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allow remote authenticated users to read arbitrary files and cause a denial of service via a crafted request, as demonstrated using (1) viewList or (2) deal elements."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1031145",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1031145"
            },
            {
              "name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/",
              "refsource": "MISC",
              "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/"
            },
            {
              "name": "1031144",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1031144"
            },
            {
              "name": "20141030 CVE-2014-6032 - XML External Entity Injection in F5 Networks Big-IP",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Oct/128"
            },
            {
              "name": "bigip-cve20146033-info-disc(98403)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98403"
            },
            {
              "name": "bigip-cve20146032-info-disc(98402)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98402"
            },
            {
              "name": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.html",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.html"
            },
            {
              "name": "20141030 CVE-2014-6033 - XML External Entity Injection in F5 Networks Big-IP",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Oct/129"
            },
            {
              "name": "20141030 Re: CVE-2014-6032 - XML External Entity Injection in F5 Networks Big-IP",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Oct/130"
            },
            {
              "name": "70834",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70834"
            },
            {
              "name": "http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.html"
            },
            {
              "name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/",
              "refsource": "MISC",
              "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-6032",
    "datePublished": "2014-11-01T23:00:00",
    "dateReserved": "2014-09-01T00:00:00",
    "dateUpdated": "2024-08-06T12:03:02.334Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-15323
Vulnerability from cvelistv5
Published
2018-10-31 14:00
Modified
2024-08-05 09:54
Severity ?
Summary
On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, in certain circumstances, when processing traffic through a Virtual Server with an associated MQTT profile, the TMM process may produce a core file and take the configured HA action.
References
https://support.f5.com/csp/article/K26583415x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:01.882Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K26583415"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP (LTM, AAM,AFM, Analytics, APM ASM, Edge Gateway, FPS, PSM, Websafe)",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "14.0.0-14.0.0.2, 13.0.0-13.1.1.1"
            }
          ]
        }
      ],
      "datePublic": "2018-10-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, in certain circumstances, when processing traffic through a Virtual Server with an associated MQTT profile, the TMM process may produce a core file and take the configured HA action."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "DoS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-31T13:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K26583415"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2018-15323",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP (LTM, AAM,AFM, Analytics, APM ASM, Edge Gateway, FPS, PSM, Websafe)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "14.0.0-14.0.0.2, 13.0.0-13.1.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, in certain circumstances, when processing traffic through a Virtual Server with an associated MQTT profile, the TMM process may produce a core file and take the configured HA action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "DoS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K26583415",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K26583415"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2018-15323",
    "datePublished": "2018-10-31T14:00:00",
    "dateReserved": "2018-08-14T00:00:00",
    "dateUpdated": "2024-08-05T09:54:01.882Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-0101
Vulnerability from cvelistv5
Published
2014-03-11 01:00
Modified
2024-08-06 09:05
Severity ?
Summary
The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.
References
http://www.securityfocus.com/bid/65943vdb-entry, x_refsource_BID
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.htmlx_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2014-0328.htmlvendor-advisory, x_refsource_REDHAT
http://www.ubuntu.com/usn/USN-2173-1vendor-advisory, x_refsource_UBUNTU
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2014-0432.htmlvendor-advisory, x_refsource_REDHAT
http://www.ubuntu.com/usn/USN-2174-1vendor-advisory, x_refsource_UBUNTU
http://rhn.redhat.com/errata/RHSA-2014-0419.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/59216third-party-advisory, x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=1070705x_refsource_CONFIRM
https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2014/03/04/6mailing-list, x_refsource_MLIST
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:05:38.283Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "65943",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/65943"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html"
          },
          {
            "name": "RHSA-2014:0328",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
          },
          {
            "name": "USN-2173-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2173-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729"
          },
          {
            "name": "RHSA-2014:0432",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0432.html"
          },
          {
            "name": "USN-2174-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2174-1"
          },
          {
            "name": "RHSA-2014:0419",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0419.html"
          },
          {
            "name": "59216",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59216"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729"
          },
          {
            "name": "[oss-security] 20140304 CVE-2014-0101 -- Linux kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/03/04/6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-03-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-15T17:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "65943",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/65943"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html"
        },
        {
          "name": "RHSA-2014:0328",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
        },
        {
          "name": "USN-2173-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2173-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729"
        },
        {
          "name": "RHSA-2014:0432",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0432.html"
        },
        {
          "name": "USN-2174-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2174-1"
        },
        {
          "name": "RHSA-2014:0419",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0419.html"
        },
        {
          "name": "59216",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59216"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729"
        },
        {
          "name": "[oss-security] 20140304 CVE-2014-0101 -- Linux kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/03/04/6"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-0101",
    "datePublished": "2014-03-11T01:00:00",
    "dateReserved": "2013-12-03T00:00:00",
    "dateUpdated": "2024-08-06T09:05:38.283Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2019-03-28 21:29
Modified
2024-11-21 04:46
Severity ?
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests.
References
f5sirt@f5.comhttps://support.f5.com/csp/article/K12139752Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K12139752Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_manager *
f5 big-ip_protocol_security_manager *
f5 big-ip_protocol_security_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC26EC47-DB01-45B3-BD47-848B73334A99",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BB42D3A-71EE-4367-9F65-86404D74E59D",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E55CC546-E22D-4DD3-B0A6-9C4BC65E0951",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4049C7FF-FAE6-4377-98F9-7375D180B232",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5011C2D-FBB5-4117-BB97-11DE70117345",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A53D2261-716A-46D4-B1A4-1C1D84F6AF94",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35519CB7-C6BD-4EBF-A75F-03A5D2B9153C",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D00EED-F95D-4458-BDC4-3390DE85348B",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11719D56-D88C-4970-B89E-376D6883857B",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "586A9AE0-4417-4412-B573-73217F82FF73",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A11E433-943D-4D92-B45E-3FA268094278",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "018D35E1-B5D0-456E-9348-79E6CD0560E2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05737070-098F-4F1B-90B1-4357A232DFB0",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4C3D6F5-D94D-46A3-991C-A11275B59F8E",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C762BE7-29D5-47B2-B3A3-8AD9646417B6",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2392B92F-B2A5-4548-AB20-3142D5EADE8E",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57CCB85A-6F90-4DB7-B0F8-AE5250E1DCFE",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CFDA5A2-FDB6-4F7A-ADC1-A1016639FCDC",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B30938E-E843-4D52-8EFC-19107BCDB1D9",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60189636-02D6-44CA-BE2A-7777E3C409CD",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6010CA3B-B5AB-4C6B-93A9-A148207224B2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F3D25A-7050-4A98-B3B5-3539FCC417AE",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CD4DFE3-9071-4808-AE24-2CCA5DB5BA80",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B189FA9C-D989-460B-85AC-FD39F8E0259E",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E91FA1C5-2FC4-49F7-9AF7-A6BD446BFA2E",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AD75094-3248-4D37-969E-75272F6F31D6",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0A2FCB-564D-4530-B642-624B6A4F1A22",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0711B652-EC5F-4507-BD21-C27B636DE389",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1160D8C7-32E7-4837-AF7B-6F056255B5A2",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E20125-7514-4B6A-845D-AFC099C6B255",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE90FC3A-C0B4-4CFA-80A3-929871381613",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "205B6399-2EA9-44C0-8ED7-06B3EE724AC2",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FE1518D-8F83-47E9-B183-A998FA8B7CE2",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A5F5C3E-C71C-4FBF-A2F4-68CEC90097DA",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "64CAD197-79F4-41AE-956C-D23DCA556A52",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79344F94-2CB8-4F08-9373-61614A38476C",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93B1A472-EA29-4D4E-A27E-F40B0457DE39",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DAD0B3C-4E3B-48F1-84E1-E92BE40A657F",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "397AC4A5-B67C-483B-84F7-8CB294BB460C",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9ADB128-5666-43E7-A7FE-587BD8CF19BE",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4D3A77A-89E0-44DF-AA5B-EDEBCBB63060",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized SNMP requests."
    },
    {
      "lang": "es",
      "value": "En BIG-IP, 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1 y 14.0.0-14.0.0.2, bajo ciertas circunstancias, el demonio snmpd podr\u00eda divulgar memoria en un invitado BIG-IP vCMP con varios blades al procesar peticiones SNMP autorizadas."
    }
  ],
  "id": "CVE-2019-6608",
  "lastModified": "2024-11-21T04:46:47.787",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-03-28T21:29:00.820",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K12139752"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K12139752"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2016-08-26 14:59
Modified
2024-11-21 02:46
Severity ?
4.9 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors.
References
cve@mitre.orghttp://www.securityfocus.com/bid/92671
cve@mitre.orghttp://www.securitytracker.com/id/1036631Third Party Advisory, VDB Entry
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/92671
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1036631Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_webaccelerator 11.0.0
f5 big-ip_webaccelerator 11.1.0
f5 big-ip_webaccelerator 11.2.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.3.0
f5 big-ip_link_controller 11.0.0
f5 big-ip_link_controller 11.1.0
f5 big-ip_link_controller 11.2.0
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.3.0
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.5.4
f5 big-ip_link_controller 11.6.0
f5 big-ip_link_controller 12.0.0
f5 big-ip_access_policy_manager 11.0.0
f5 big-ip_access_policy_manager 11.1.0
f5 big-ip_access_policy_manager 11.2.0
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.3.0
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.5.4
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_application_security_manager 11.0.0
f5 big-ip_application_security_manager 11.1.0
f5 big-ip_application_security_manager 11.2.0
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.5.4
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_security_manager 12.0.0
f5 big-ip_domain_name_system 12.0.0
f5 big-ip_global_traffic_manager 11.0.0
f5 big-ip_global_traffic_manager 11.1.0
f5 big-ip_global_traffic_manager 11.2.0
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.3.0
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.5.4
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 11.0.0
f5 big-ip_local_traffic_manager 11.1.0
f5 big-ip_local_traffic_manager 11.2.0
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.3.0
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.5.4
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 12.0.0
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.5.4
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_protocol_security_module 11.0.0
f5 big-ip_protocol_security_module 11.1.0
f5 big-ip_protocol_security_module 11.2.0
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_analytics 11.0.0
f5 big-ip_analytics 11.1.0
f5 big-ip_analytics 11.2.0
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.3.0
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.5.4
f5 big-ip_analytics 11.6.0
f5 big-ip_analytics 12.0.0
f5 big-ip_advanced_firewall_manager 11.2.1
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.5.4
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_wan_optimization_manager 11.0.0
f5 big-ip_wan_optimization_manager 11.1.0
f5 big-ip_wan_optimization_manager 11.2.0
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_wan_optimization_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.5.4
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_policy_enforcement_manager 12.0.0
f5 big-ip_edge_gateway 11.0.0
f5 big-ip_edge_gateway 11.1.0
f5 big-ip_edge_gateway 11.2.0
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_edge_gateway 11.3.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FDC1C0F-A00A-456C-AB51-CD139B15CB61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "La utilidad Configuration en sistemas F5 BIG-IP 11.0.x, 11.1.x, 11.2.x en versiones anteriores a11.2.1 HF16, 11.3.x, 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 HF2, 1.6.x en versiones anteriores a 11.6.1 y 12.0.0 en versiones anteriores a HF1 permite a administradores remotos leer registros de acceso Access Policy Manager (APM) a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2016-1497",
  "lastModified": "2024-11-21T02:46:33.530",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-08-26T14:59:00.133",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/92671"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036631"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/92671"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-06-09 15:29
Modified
2024-11-21 02:58
Severity ?
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable.
References
f5sirt@f5.comhttp://www.securityfocus.com/bid/95320Third Party Advisory, VDB Entry
f5sirt@f5.comhttp://www.securitytracker.com/id/1037559
f5sirt@f5.comhttp://www.securitytracker.com/id/1037560
f5sirt@f5.comhttps://support.f5.com/csp/article/K97285349Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/95320Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1037559
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1037560
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K97285349Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.5.4
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 11.6.1
f5 big-ip_local_traffic_manager 12.0.0
f5 big-ip_local_traffic_manager 12.1.0
f5 big-ip_local_traffic_manager 12.1.1
f5 big-ip_local_traffic_manager 12.1.2
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.5.4
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_acceleration_manager 11.6.1
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_application_acceleration_manager 12.1.0
f5 big-ip_application_acceleration_manager 12.1.1
f5 big-ip_application_acceleration_manager 12.1.2
f5 big-ip_advanced_firewall_manager 11.2.1
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.5.4
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_advanced_firewall_manager 11.6.1
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_advanced_firewall_manager 12.1.0
f5 big-ip_advanced_firewall_manager 12.1.1
f5 big-ip_advanced_firewall_manager 12.1.2
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.5.4
f5 big-ip_analytics 11.6.0
f5 big-ip_analytics 11.6.1
f5 big-ip_analytics 12.0.0
f5 big-ip_analytics 12.1.0
f5 big-ip_analytics 12.1.1
f5 big-ip_analytics 12.1.2
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.5.4
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 11.6.1
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_access_policy_manager 12.1.0
f5 big-ip_access_policy_manager 12.1.1
f5 big-ip_access_policy_manager 12.1.2
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.5.4
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_security_manager 11.6.1
f5 big-ip_application_security_manager 12.0.0
f5 big-ip_application_security_manager 12.1.0
f5 big-ip_application_security_manager 12.1.1
f5 big-ip_application_security_manager 12.1.2
f5 big-ip_domain_name_system 12.0.0
f5 big-ip_domain_name_system 12.1.0
f5 big-ip_domain_name_system 12.1.1
f5 big-ip_domain_name_system 12.1.2
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.5.4
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_global_traffic_manager 11.6.1
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.5.4
f5 big-ip_link_controller 11.6.0
f5 big-ip_link_controller 11.6.1
f5 big-ip_link_controller 12.0.0
f5 big-ip_link_controller 12.1.0
f5 big-ip_link_controller 12.1.1
f5 big-ip_link_controller 12.1.2
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.5.4
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_policy_enforcement_manager 11.6.1
f5 big-ip_policy_enforcement_manager 12.0.0
f5 big-ip_policy_enforcement_manager 12.1.0
f5 big-ip_policy_enforcement_manager 12.1.1
f5 big-ip_policy_enforcement_manager 12.1.2
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_websafe 11.6.0
f5 big-ip_websafe 11.6.1
f5 big-ip_websafe 12.0.0
f5 big-ip_websafe 12.1.0
f5 big-ip_websafe 12.1.1
f5 big-ip_websafe 12.1.2
f5 big-ip_wan_optimization_manager 11.2.1
f5 enterprise_manager 3.1.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82C7B1C-E195-4D94-B604-78FB464C4F81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F6C3144-D0DE-4248-BFCD-04A7E6104044",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0357B5ED-0600-4756-93E5-692987068596",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BE0210-7058-462A-BA17-845D3E4F52FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECA90FB8-E2CD-400F-B753-1B482E7FAC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FEC804B-35DB-4A0C-9AEA-15527E0CC1B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEB228A9-0C01-4531-B2B2-38BB7B0E02E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FDC1C0F-A00A-456C-AB51-CD139B15CB61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBAB92C5-2D50-49CC-AECA-0D16BC44A788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC827031-CA39-4081-8CE0-30EAC78DF756",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7569903B-3A15-4A10-863B-6828337DD268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "45825991-D17D-42F1-87B4-7DF86B098B45",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A065BC0-56BD-4665-A860-EBA37F1A4D8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "77192AFB-B612-4BAA-916C-3DF8E851CC2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE295AF6-2B35-467F-8501-B5753CDDE16C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3C03B68-914F-4DB0-A832-B626B8746524",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2044C-AC6F-4145-B1A0-8EB26DCF1F8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FC866D4-CE8C-4408-AD1E-8643AC554CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7563D979-BE37-4251-B92E-0DBDBE53F3FF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB2118A-0F9C-4273-BB07-85FEA32C785B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8541C9EF-69A8-4641-B173-3BCE0EDD20A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E24A3C71-0075-4738-B114-267337D050CD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DD7394-BD0A-42FD-A367-827F35397A20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "98509F74-301A-4D1F-A2B4-B01B80CEFFCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E87FFF5F-5BB1-4E2F-BD15-3BA7C9B26FEA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "911BB6DB-B2D1-4855-A65C-F0799E034358",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C641B4F-DCFF-4A1B-9E00-EDF18A270241",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBBB6E7C-DA1A-479F-9DD2-DE0C3CA82E92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4913B437-33FF-4B5E-A855-9DA00B35E3B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDCFE65B-340B-4F7D-93A1-4390BBC8E67F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1EA4F45-35F7-4687-8D1A-A5ACD846500A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "64273A2C-E5A1-4605-92DD-EBECC7F051D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E60CA151-1C3A-45B3-B939-E6F80063C595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "58BAD5A9-9C67-4056-9344-07C8C42C8E88",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "228D5DA1-C78A-4E05-997A-50F6C1B59593",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "452C59B8-230D-4FC0-B76D-FA6E381E3713",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EE1EEA6-1E25-4A90-91A1-386D19808557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A05340-0AE2-49CA-903F-44383421577E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "583F134E-1616-44F2-8EF0-0CFA5CCEF0AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "86D0731D-E9DA-4056-9AC6-F204C2F915F7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de tipo cross-site scripting (XSS) almacenada en la p\u00e1gina de cambio de nombre del dispositivo de la utilidad Configuration en BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM y WebSafe versi\u00f3n 12.0.0 hasta 12.1.2, versi\u00f3n 11.4.0 hasta 11.6.1, y versi\u00f3n 11.2.1, permite a un usuario autenticado inyectar un script web o HTML arbitrario. La explotaci\u00f3n requiere administrador de recursos o permisos de administrador, y podr\u00eda causar que el cliente de la utilidad Configuration se vuelva inestable."
    }
  ],
  "id": "CVE-2016-7469",
  "lastModified": "2024-11-21T02:58:04.063",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-06-09T15:29:00.180",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95320"
    },
    {
      "source": "f5sirt@f5.com",
      "url": "http://www.securitytracker.com/id/1037559"
    },
    {
      "source": "f5sirt@f5.com",
      "url": "http://www.securitytracker.com/id/1037560"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K97285349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95320"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1037559"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1037560"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K97285349"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2014-05-12 14:55
Modified
2024-11-21 02:07
Severity ?
Summary
The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1, BIG-IP Analytics 11.0.0 through 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, Enterprise Manager 2.1.0 through 2.3.0 and 3.0.0 through 3.1.1, and BIG-IQ Cloud, Device, and Security 4.0.0 through 4.3.0 allows remote administrators to execute arbitrary commands via shell metacharacters in the hostname element in a SOAP request.
References
cret@cert.orghttp://seclists.org/fulldisclosure/2014/May/32
cret@cert.orghttp://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.htmlVendor Advisory
cret@cert.orghttp://www.exploit-db.com/exploits/34927Exploit
cret@cert.orghttp://www.osvdb.org/106728
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2014/May/32
af854a3a-2127-422b-91ae-364da2661108http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.exploit-db.com/exploits/34927Exploit
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/106728
Impacted products
Vendor Product Version
f5 big-ip_webaccelerator 9.4.0
f5 big-ip_webaccelerator 9.4.1
f5 big-ip_webaccelerator 9.4.2
f5 big-ip_webaccelerator 9.4.3
f5 big-ip_webaccelerator 9.4.4
f5 big-ip_webaccelerator 9.4.5
f5 big-ip_webaccelerator 9.4.6
f5 big-ip_webaccelerator 9.4.7
f5 big-ip_webaccelerator 9.4.8
f5 big-ip_webaccelerator 10.0.0
f5 big-ip_webaccelerator 10.0.1
f5 big-ip_webaccelerator 10.1.0
f5 big-ip_webaccelerator 10.2.0
f5 big-ip_webaccelerator 10.2.1
f5 big-ip_webaccelerator 10.2.2
f5 big-ip_webaccelerator 10.2.3
f5 big-ip_webaccelerator 10.2.4
f5 big-ip_webaccelerator 11.0.0
f5 big-ip_webaccelerator 11.1.0
f5 big-ip_webaccelerator 11.2.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.3.0
f5 big-ip_local_traffic_manager 10.0.0
f5 big-ip_local_traffic_manager 10.0.1
f5 big-ip_local_traffic_manager 10.1.0
f5 big-ip_local_traffic_manager 10.2.0
f5 big-ip_local_traffic_manager 10.2.1
f5 big-ip_local_traffic_manager 10.2.2
f5 big-ip_local_traffic_manager 11.0.0
f5 big-ip_protocol_security_module 9.4.5
f5 big-ip_protocol_security_module 9.4.6
f5 big-ip_protocol_security_module 9.4.7
f5 big-ip_protocol_security_module 9.4.8
f5 big-ip_protocol_security_module 10.0.0
f5 big-ip_protocol_security_module 10.0.1
f5 big-ip_protocol_security_module 10.1.0
f5 big-ip_protocol_security_module 10.2.0
f5 big-ip_protocol_security_module 10.2.1
f5 big-ip_protocol_security_module 10.2.2
f5 big-ip_protocol_security_module 10.2.3
f5 big-ip_protocol_security_module 10.2.4
f5 big-ip_protocol_security_module 11.0.0
f5 big-ip_protocol_security_module 11.1.0
f5 big-ip_protocol_security_module 11.2.0
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_link_controller 10.0.0
f5 big-ip_link_controller 10.0.1
f5 big-ip_link_controller 10.1.0
f5 big-ip_link_controller 10.2.0
f5 big-ip_link_controller 10.2.1
f5 big-ip_link_controller 10.2.2
f5 big-ip_link_controller 11.0.0
f5 big-ip_application_security_manager 10.0.0
f5 big-ip_application_security_manager 10.0.1
f5 big-ip_application_security_manager 10.1.0
f5 big-ip_application_security_manager 10.2.0
f5 big-ip_application_security_manager 10.2.1
f5 big-ip_application_security_manager 10.2.2
f5 big-ip_application_security_manager 11.0.0
f5 big-ip_global_traffic_manager 10.0.0
f5 big-ip_global_traffic_manager 10.0.1
f5 big-ip_global_traffic_manager 10.1.0
f5 big-ip_global_traffic_manager 10.2.0
f5 big-ip_global_traffic_manager 10.2.1
f5 big-ip_global_traffic_manager 10.2.2
f5 big-ip_global_traffic_manager 11.0.0
f5 big-ip_wan_optimization_manager 10.0.0
f5 big-ip_wan_optimization_manager 10.0.1
f5 big-ip_wan_optimization_manager 10.1.0
f5 big-ip_wan_optimization_manager 10.2.0
f5 big-ip_wan_optimization_manager 10.2.1
f5 big-ip_wan_optimization_manager 10.2.2
f5 big-ip_wan_optimization_manager 11.0.0
f5 big-ip_access_policy_manager 10.1.0
f5 big-ip_access_policy_manager 10.2.0
f5 big-ip_access_policy_manager 10.2.1
f5 big-ip_access_policy_manager 10.2.2
f5 big-ip_access_policy_manager 11.0.0
f5 big-ip_edge_gateway 10.1.0
f5 big-ip_edge_gateway 10.2.0
f5 big-ip_edge_gateway 10.2.1
f5 big-ip_edge_gateway 10.2.2
f5 big-ip_edge_gateway 11.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CB7340E-36AE-40F0-8B38-247803F97038",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEFEE12B-A78F-4288-A98F-2497531D0EAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D4AE2CE-4A4B-4B5F-992C-F939E1CDE6FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAB821F7-26DB-4C74-9129-BBC50DF0C2F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD6FE682-3B40-42B0-A3BC-4281F0003248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFC8D1C6-69AC-4423-A1C7-4093236A7F51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "38CDACEA-9235-4B7F-AC2B-4ACFB4BD9918",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF5FC5A6-0CD0-47E3-87F9-F09BB1B4B920",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7317A692-0D9D-4DF4-99AD-893187E3F298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E951823B-9791-48C7-A804-18FEBEC31279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E3427DB-2918-4934-A3C1-FA5F1632364F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F1A903-4AF5-4FE6-92B0-9F0B64723804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "383966C0-2FDD-4755-BA16-EE73D4577DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1C4384-1728-4A71-8634-DCE3F2AEB8F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AC8AA37-9962-4CF6-99E5-A6F94582B107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF1FD1C1-6980-4E9F-8DEF-D9E552510481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:9.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8463B1D-8442-4D50-BAAA-122280496A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:9.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6448016D-1A8E-42E3-81F8-80772D4EE6B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:9.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C54690EB-578A-45DA-9324-4CE84B084BCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:9.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "50B828D6-7221-4F94-9C0D-4483E60576EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2691943C-1FD1-43EE-B070-E35710E426ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B10D9D9-BC40-4889-9196-C8EA7C571160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "288EB1AC-9DE3-4FE2-AE4D-006A49199877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1405D7AE-D14C-40F6-9144-EF2F18A6EBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "71578014-E3CD-40A9-8AE4-537C970B4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4D2DA3-1EF3-428A-ACC0-1C438D6F8648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4758B4CB-5CD9-4505-8E91-E5E849937A63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C801C53F-9ECC-42B9-A119-5046706CA621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D810F8-6062-4901-9832-226F80287C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC2A0DC-D931-4450-8D0F-3223A8EDCED9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16ACB60E-B9E9-402A-BE42-DF5C892C2257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EE87BAD-382E-4FA7-BCF9-88EFA36DAB3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6363B0D-AC1F-4AF5-BC02-19F77A85F3AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B80111-6F28-4E7F-B9DE-27825866A138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB441DC5-813E-4E59-87B8-15731291B135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F89F4A12-710E-4F7A-9A8D-D8B91889A279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AD92E-6816-42C0-8801-A81B59C11A56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "890F363A-FC4F-4F52-BBFF-E959F65043A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BE38A0-CD2F-4C18-9EE3-D56A23BDB73A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "476D58C4-7699-45AC-B987-B42B5488240B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982EE29-D298-4D39-897A-580D867CDE50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D477F539-2E79-47BB-A8CF-F3A73AA72A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1, BIG-IP Analytics 11.0.0 through 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, Enterprise Manager 2.1.0 through 2.3.0 and 3.0.0 through 3.1.1, and BIG-IQ Cloud, Device, and Security 4.0.0 through 4.3.0 allows remote administrators to execute arbitrary commands via shell metacharacters in the hostname element in a SOAP request."
    },
    {
      "lang": "es",
      "value": "La API iControl en F5 BIG-IP LTM, APM, ASM, GTM, Link Controller y PSM 10.0.0 hasta 10.2.4 y 11.0.0 hasta 11.5.1, BIG-IP AAM 11.4.0 hasta 11.5.1, BIG-IP AFM y PEM 11.3.0 hasta 11.5.1, BIG-IP Analytics 11.0.0 hasta 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 10.1.0 hasta 10.2.4 y 11.0.0 hasta 11.3.0, Enterprise Manager 2.1.0 hasta 2.3.0 y 3.0.0 hasta 3.1.1 y BIG-IQ Cloud, Device y Security 4.0.0 hasta 4.3.0 permite a administradores remotos ejecutar comandos arbitrarios a trav\u00e9s de metacaracteres de shell en el elemento de nombre de anfitri\u00f3n en una solicitud SOAP."
    }
  ],
  "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/77.html\n\n\"CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)\"",
  "id": "CVE-2014-2928",
  "lastModified": "2024-11-21T02:07:12.457",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-05-12T14:55:06.587",
  "references": [
    {
      "source": "cret@cert.org",
      "url": "http://seclists.org/fulldisclosure/2014/May/32"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/34927"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.osvdb.org/106728"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2014/May/32"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/34927"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/106728"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2016-09-07 19:28
Modified
2024-11-21 02:57
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP Analytics 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP DNS 12.0.0 before HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 10.2.1 through 10.2.4 and 11.2.1; BIG-IP GTM 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 10.2.1 through 10.2.4 and 11.4.0 through 11.4.1 allows remote DNS servers to cause a denial of service (CPU consumption or Traffic Management Microkernel crash) via a crafted PTR response.
References
cve@mitre.orghttp://www.securitytracker.com/id/1036725Third Party Advisory, VDB Entry
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1036725Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager 10.2.1
f5 big-ip_local_traffic_manager 10.2.2
f5 big-ip_local_traffic_manager 10.2.3
f5 big-ip_local_traffic_manager 10.2.4
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.5.4
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 12.0.0
f5 big-ip_webaccelerator 10.2.1
f5 big-ip_webaccelerator 10.2.2
f5 big-ip_webaccelerator 10.2.3
f5 big-ip_webaccelerator 10.2.4
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.5.4
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_global_traffic_manager 10.2.1
f5 big-ip_global_traffic_manager 10.2.2
f5 big-ip_global_traffic_manager 10.2.3
f5 big-ip_global_traffic_manager 10.2.4
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.5.4
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_link_controller 10.2.1
f5 big-ip_link_controller 10.2.2
f5 big-ip_link_controller 10.2.3
f5 big-ip_link_controller 10.2.4
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.5.4
f5 big-ip_link_controller 11.6.0
f5 big-ip_link_controller 12.0.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.5.4
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_protocol_security_module 10.2.1
f5 big-ip_protocol_security_module 10.2.2
f5 big-ip_protocol_security_module 10.2.3
f5 big-ip_protocol_security_module 10.2.4
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_wan_optimization_manager 10.2.1
f5 big-ip_wan_optimization_manager 10.2.2
f5 big-ip_wan_optimization_manager 10.2.3
f5 big-ip_wan_optimization_manager 10.2.4
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_application_security_manager 10.2.1
f5 big-ip_application_security_manager 10.2.2
f5 big-ip_application_security_manager 10.2.3
f5 big-ip_application_security_manager 10.2.4
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.5.4
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_security_manager 12.0.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.5.4
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_policy_enforcement_manager 12.0.0
f5 big-ip_domain_name_system 12.0.0
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.5.4
f5 big-ip_analytics 11.6.0
f5 big-ip_analytics 12.0.0
f5 big-ip_edge_gateway 10.2.1
f5 big-ip_edge_gateway 10.2.2
f5 big-ip_edge_gateway 10.2.3
f5 big-ip_edge_gateway 10.2.4
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_access_policy_manager 10.2.1
f5 big-ip_access_policy_manager 10.2.2
f5 big-ip_access_policy_manager 10.2.3
f5 big-ip_access_policy_manager 10.2.4
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.5.4
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 12.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D19442F-065D-4CBE-87EA-697CECD6A47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445A56C-8D69-484B-8EC4-1F45B4490CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C33FD2-8473-485C-9726-5673B49A031D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FA77AD2-557E-41E5-8BE5-F4B4A1AB8E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0018A0C0-AFB3-4654-9504-78A2742C6EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A1ACF2F-3C0E-42E1-A1D2-6D682B2E32C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BEA4E9-125B-47D7-99D0-DE469839622F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FB07A3-8D07-44F6-B827-B22D3799A707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP Analytics 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP DNS 12.0.0 before HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 10.2.1 through 10.2.4 and 11.2.1; BIG-IP GTM 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 10.2.1 through 10.2.4 and 11.4.0 through 11.4.1 allows remote DNS servers to cause a denial of service (CPU consumption or Traffic Management Microkernel crash) via a crafted PTR response."
    },
    {
      "lang": "es",
      "value": "El comando RESOLV::lookup iRule en F5 BIG-IP LTM, APM, ASM y Link Controller 10.2.1 hasta la versi\u00f3n 10.2.4, 11.2.1, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 y 12.0.0 en versiones anteriores a HF3; BIG-IP AAM, AFM y PEM 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 y 12.0.0 en versiones anteriores a HF3; BIG-IP Analytics 11.2.1, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 y 12.0.0 en versiones anteriores a HF3; BIG-IP DNS 12.0.0 en versiones anteriores a HF3; BIG-IP Edge Gateway, WebAccelerator y WOM 10.2.1 hasta la versi\u00f3n 10.2.4 y 11.2.1; BIG-IP GTM 10.2.1 hasta la versi\u00f3n 10.2.4, 11.2.1, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2 y 11.6.x en versiones anteriores a 11.6.1; y BIG-IP PSM 10.2.1 hasta la versi\u00f3n 10.2.4 y 11.4.0 hasta la versi\u00f3n 11.4.1 permite a servidores DNS remotos provocar una denegaci\u00f3n de servicio (consumo de CPU o ca\u00edda de Traffic Management Microkernel) a trav\u00e9s de una respuesta PTR manipulada."
    }
  ],
  "id": "CVE-2016-6876",
  "lastModified": "2024-11-21T02:57:00.097",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-09-07T19:28:17.927",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036725"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2012-05-24 23:55
Modified
2024-11-21 01:29
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Summary
The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.
References
secalert@redhat.comhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec
secalert@redhat.comhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=139447903326211&w=2Mailing List, Third Party Advisory
secalert@redhat.comhttp://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1Mailing List, Patch, Vendor Advisory
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2011/08/23/2Mailing List, Patch, Third Party Advisory
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=732658Issue Tracking, Patch, Third Party Advisory
secalert@redhat.comhttps://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ecPatch, Third Party Advisory
secalert@redhat.comhttps://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535fPatch, Third Party Advisory
secalert@redhat.comhttps://support.f5.com/csp/article/K15301?utm_source=f5support&amp%3Butm_medium=RSS
af854a3a-2127-422b-91ae-364da2661108http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec
af854a3a-2127-422b-91ae-364da2661108http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=139447903326211&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1Mailing List, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2011/08/23/2Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=732658Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ecPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535fPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K15301?utm_source=f5support&amp%3Butm_medium=RSS
Impacted products
Vendor Product Version
linux linux_kernel *
redhat enterprise_linux 4.0
f5 arx *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_analytics *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_wan_optimization_manager *
f5 big-ip_wan_optimization_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 enterprise_manager *
f5 enterprise_manager 3.0.0
f5 firepass *
f5 firepass 7.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "156989A4-23D9-434A-B512-9C0F3583D13D",
              "versionEndExcluding": "3.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6172AF57-B26D-45F8-BE3A-F75ABDF28F49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:arx:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F20E6644-F925-4283-AD92-7B0696F52310",
              "versionEndIncluding": "6.4.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0483E71B-931F-4566-AD6F-D5ABF64FFA06",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "47A1E3F1-F319-4A75-9211-29B273E76F03",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EDED2D2-B85B-4680-9970-A6CE3343422C",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06D3514D-B1C2-4304-96DA-A84847104AF6",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "142D050F-0D22-4D21-AB14-3AD0500A6D3F",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFC44375-AF21-4438-9FF9-244095DEA2B7",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "412829BD-A98B-4AD5-8B93-2C4C20AC15D8",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF7C328A-E18A-425E-B38F-996CC96D402E",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1DB046D-1AC3-4F5C-95BF-31BBCE1C44BE",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BD1D6A6-50A8-4794-8C7B-E3C3BC48A262",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ADD1B04-9F78-40B3-8314-6935277073B0",
              "versionEndIncluding": "2.3.0",
              "versionStartIncluding": "2.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "125C8A19-4F51-42DD-BA11-F299721EFBB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15CE213B-F42C-4C2E-AFBD-852AB049FF8A",
              "versionEndIncluding": "6.1.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "442D343A-973B-4C33-B99B-1EA2B7670DE5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets."
    },
    {
      "lang": "es",
      "value": "Las implementaciones de (1) IPv4 y (2) IPv6 en el kernel de Linux antes de v3.1 utiliza una versi\u00f3n modificada de algoritmo MD4 para generar n\u00fameros de secuencia y valores de los fragmentos de identificaci\u00f3n, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes remotos causar una denegaci\u00f3n de servicio (red interrumpida) o secuestrar sesiones de red mediante la predicci\u00f3n de estos valores y el env\u00edo de paquetes manipulados."
    }
  ],
  "id": "CVE-2011-3188",
  "lastModified": "2024-11-21T01:29:56.183",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.4,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2012-05-24T23:55:02.213",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/08/23/2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732658"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://support.f5.com/csp/article/K15301?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/08/23/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K15301?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2016-08-19 21:59
Modified
2024-11-21 02:54
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP DNS 12.x before 12.0.0 HF2; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 before HF16; BIG-IP GTM 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 11.4.0 through 11.4.1 improperly enables the anonymous IPsec IKE peer configuration object, which allows remote attackers to establish an IKE Phase 1 negotiation and possibly conduct brute-force attacks against Phase 2 negotiations via unspecified vectors.
References
cve@mitre.orghttp://www.securitytracker.com/id/1036618Third Party Advisory, VDB Entry
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1036618Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.5.4
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.5.4
f5 big-ip_analytics 11.6.0
f5 big-ip_analytics 12.0.0
f5 big-ip_domain_name_system 12.0.0
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.5.4
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.5.4
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 12.0.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.5.4
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_websafe 11.6.0
f5 big-ip_websafe 12.0.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.5.4
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_policy_enforcement_manager 12.0.0
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.5.4
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.5.4
f5 big-ip_link_controller 11.6.0
f5 big-ip_link_controller 12.0.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.5.4
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.5.4
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_security_manager 12.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "228D5DA1-C78A-4E05-997A-50F6C1B59593",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EE1EEA6-1E25-4A90-91A1-386D19808557",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP DNS 12.x before 12.0.0 HF2; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 before HF16; BIG-IP GTM 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 11.4.0 through 11.4.1 improperly enables the anonymous IPsec IKE peer configuration object, which allows remote attackers to establish an IKE Phase 1 negotiation and possibly conduct brute-force attacks against Phase 2 negotiations via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "La configuraci\u00f3n por defecto del listener de pares IPsec IKE en F5 BIG-IP LTM, Analytics, APM, ASM y Link Controller 11.2.1 en versiones anteriores a HF16, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 y 12.x en versiones anteriores a 12.0.0 HF2; BIG-IP AAM, AFM y PEM 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 y 12.x en versiones anteriores a 12.0.0 HF2; BIG-IP DNS 12.x en versiones anteriores a 12.0.0 HF2; BIG-IP Edge Gateway, WebAccelerator y WOM 11.2.1 en versiones anteriores a HF16; BIG-IP GTM 11.2.1 en versiones anteriores a HF16, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2 y 11.6.x en versiones anteriores a 11.6.1; y BIG-IP PSM 11.4.0 hasta la versi\u00f3n 11.4.1 habilita indebidamente el objeto de configuraci\u00f3n de pares an\u00f3nimos IPsec IKE, lo que permite a atacantes remotos establecer una negociaci\u00f3n IKE Phase 1 y posiblemente llevar a cabo ataques de fuerza bruta contra las negociaciones Phase 2 a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2016-5736",
  "lastModified": "2024-11-21T02:54:55.510",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-08-19T21:59:12.400",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036618"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/10/sol10133477.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2013-08-09 20:56
Modified
2024-11-21 01:46
Severity ?
Summary
Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products "when APM is provisioned," allows remote attackers to upload and execute arbitrary files via a .. (dot dot) in the filename parameter.
References
cret@cert.orghttp://secunia.com/advisories/53477Not Applicable, Vendor Advisory
cret@cert.orghttp://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.htmlVendor Advisory
cret@cert.orghttps://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/53477Not Applicable, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/Third Party Advisory
Impacted products
Vendor Product Version
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_analytics *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_wan_optimization_manager *
f5 big-ip_wan_optimization_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 firepass *
f5 firepass 7.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "384E40E2-6A1E-41EE-9075-C3D4E4C9DF3D",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA3E5454-D0E6-4BF9-B95F-A43ECE1A4C66",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84B339AC-E904-4D62-81B6-61E1899F6855",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD998E02-0896-4970-8BF7-2D2A3EF3FD7B",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70E5E739-25AE-4A53-A756-A7189C785AD9",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC253328-767A-4DC9-85FB-E8E5666B916B",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AD005AD-AC65-44D1-8DB0-86B8D7F8ABE3",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "64C91648-A64F-4D8A-9F60-DEE6CA181A87",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A25E12-3EDE-4984-9006-1FBCB1977F2C",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E675191C-CA97-4F56-949A-DF2180C2C9F0",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51E532C1-88C1-461F-9563-E74C0DCFBCBD",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A97C7ACA-7D67-49C1-BA1E-256CD9E337D8",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2F00612-6DDC-448F-AF3F-5869A5EDF95B",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99AC375E-C787-4D10-9062-36548041E343",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15CE213B-F42C-4C2E-AFBD-852AB049FF8A",
              "versionEndIncluding": "6.1.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "442D343A-973B-4C33-B99B-1EA2B7670DE5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products \"when APM is provisioned,\" allows remote attackers to upload and execute arbitrary files via a ..  (dot dot) in the filename parameter."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de salto de directorio en una firma no especificada de un Applet Java en un componente client-side en F5 BIG-IP APM v10.1.0 hasta v10.2.4 y v11.0.0 hasta v11.3.0, FirePass v6.0.0 hasta v6.1.0 y v7.0.0, y otros productos \"cuando APM se aprovisiona,\" permite que atacantes remotos puedan subir y ejecutar fichero de su elecci\u00f3n a trav\u00e9s de .. (punto punto) en el par\u00e1metro nombre de fichero."
    }
  ],
  "id": "CVE-2013-0150",
  "lastModified": "2024-11-21T01:46:56.830",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-08-09T20:56:06.917",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Not Applicable",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/53477"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.html"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/53477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/14000/400/sol14468.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://nealpoole.com/blog/2013/07/code-execution-via-f5-networks-java-applet/"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2013-10-26 17:55
Modified
2024-11-21 01:58
Severity ?
Summary
The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, and WOM 10.0.0 through 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.4.1; and WebAccelerator 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.3.0 might change a TCP connection to the ESTABLISHED state before receiving the ACK packet, which allows remote attackers to cause a denial of service (SIGFPE or assertion failure and TMM restart) via unspecified vectors.
References
cret@cert.orghttp://secunia.com/advisories/55378Vendor Advisory
cret@cert.orghttp://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.htmlVendor Advisory
cret@cert.orghttp://www.securitytracker.com/id/1029220
cret@cert.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/88166
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/55378Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1029220
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/88166
Impacted products
Vendor Product Version
f5 big-ip_global_traffic_manager 10.0.0
f5 big-ip_global_traffic_manager 10.0.1
f5 big-ip_global_traffic_manager 10.1.0
f5 big-ip_global_traffic_manager 10.2.0
f5 big-ip_global_traffic_manager 10.2.1
f5 big-ip_global_traffic_manager 10.2.2
f5 big-ip_global_traffic_manager 11.0.0
f5 big-ip_webaccelerator 9.4.0
f5 big-ip_webaccelerator 9.4.1
f5 big-ip_webaccelerator 9.4.2
f5 big-ip_webaccelerator 9.4.3
f5 big-ip_webaccelerator 9.4.4
f5 big-ip_webaccelerator 9.4.5
f5 big-ip_webaccelerator 9.4.6
f5 big-ip_webaccelerator 9.4.7
f5 big-ip_webaccelerator 9.4.8
f5 big-ip_webaccelerator 10.0.0
f5 big-ip_webaccelerator 10.0.1
f5 big-ip_webaccelerator 10.1.0
f5 big-ip_webaccelerator 10.2.0
f5 big-ip_webaccelerator 10.2.1
f5 big-ip_webaccelerator 10.2.2
f5 big-ip_webaccelerator 10.2.3
f5 big-ip_webaccelerator 10.2.4
f5 big-ip_webaccelerator 11.0.0
f5 big-ip_webaccelerator 11.1.0
f5 big-ip_webaccelerator 11.2.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.3.0
f5 big-ip_local_traffic_manager 10.0.0
f5 big-ip_local_traffic_manager 10.0.1
f5 big-ip_local_traffic_manager 10.1.0
f5 big-ip_local_traffic_manager 10.2.0
f5 big-ip_local_traffic_manager 10.2.1
f5 big-ip_local_traffic_manager 10.2.2
f5 big-ip_local_traffic_manager 11.0.0
f5 big-ip_application_security_manager 10.0.0
f5 big-ip_application_security_manager 10.0.1
f5 big-ip_application_security_manager 10.1.0
f5 big-ip_application_security_manager 10.2.0
f5 big-ip_application_security_manager 10.2.1
f5 big-ip_application_security_manager 10.2.2
f5 big-ip_application_security_manager 11.0.0
f5 big-ip_access_policy_manager 10.1.0
f5 big-ip_access_policy_manager 10.2.0
f5 big-ip_access_policy_manager 10.2.1
f5 big-ip_access_policy_manager 10.2.2
f5 big-ip_access_policy_manager 11.0.0
f5 big-ip_wan_optimization_manager 10.0.0
f5 big-ip_wan_optimization_manager 10.0.1
f5 big-ip_wan_optimization_manager 10.1.0
f5 big-ip_wan_optimization_manager 10.2.0
f5 big-ip_wan_optimization_manager 10.2.1
f5 big-ip_wan_optimization_manager 10.2.2
f5 big-ip_wan_optimization_manager 11.0.0
f5 big-ip_edge_gateway 10.1.0
f5 big-ip_edge_gateway 10.2.0
f5 big-ip_edge_gateway 10.2.1
f5 big-ip_edge_gateway 10.2.2
f5 big-ip_edge_gateway 11.0.0
f5 big-ip_protocol_security_module 9.4.5
f5 big-ip_protocol_security_module 9.4.6
f5 big-ip_protocol_security_module 9.4.7
f5 big-ip_protocol_security_module 9.4.8
f5 big-ip_protocol_security_module 10.0.0
f5 big-ip_protocol_security_module 10.0.1
f5 big-ip_protocol_security_module 10.1.0
f5 big-ip_protocol_security_module 10.2.0
f5 big-ip_protocol_security_module 10.2.1
f5 big-ip_protocol_security_module 10.2.2
f5 big-ip_protocol_security_module 10.2.3
f5 big-ip_protocol_security_module 10.2.4
f5 big-ip_protocol_security_module 11.0.0
f5 big-ip_protocol_security_module 11.1.0
f5 big-ip_protocol_security_module 11.2.0
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_link_controller 10.0.0
f5 big-ip_link_controller 10.0.1
f5 big-ip_link_controller 10.1.0
f5 big-ip_link_controller 10.2.0
f5 big-ip_link_controller 10.2.1
f5 big-ip_link_controller 10.2.2
f5 big-ip_link_controller 11.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16ACB60E-B9E9-402A-BE42-DF5C892C2257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EE87BAD-382E-4FA7-BCF9-88EFA36DAB3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6363B0D-AC1F-4AF5-BC02-19F77A85F3AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B80111-6F28-4E7F-B9DE-27825866A138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CB7340E-36AE-40F0-8B38-247803F97038",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEFEE12B-A78F-4288-A98F-2497531D0EAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D4AE2CE-4A4B-4B5F-992C-F939E1CDE6FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAB821F7-26DB-4C74-9129-BBC50DF0C2F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD6FE682-3B40-42B0-A3BC-4281F0003248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFC8D1C6-69AC-4423-A1C7-4093236A7F51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "38CDACEA-9235-4B7F-AC2B-4ACFB4BD9918",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF5FC5A6-0CD0-47E3-87F9-F09BB1B4B920",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:9.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7317A692-0D9D-4DF4-99AD-893187E3F298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E951823B-9791-48C7-A804-18FEBEC31279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E3427DB-2918-4934-A3C1-FA5F1632364F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F1A903-4AF5-4FE6-92B0-9F0B64723804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "383966C0-2FDD-4755-BA16-EE73D4577DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1C4384-1728-4A71-8634-DCE3F2AEB8F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AC8AA37-9962-4CF6-99E5-A6F94582B107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF1FD1C1-6980-4E9F-8DEF-D9E552510481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D810F8-6062-4901-9832-226F80287C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC2A0DC-D931-4450-8D0F-3223A8EDCED9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BE38A0-CD2F-4C18-9EE3-D56A23BDB73A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "476D58C4-7699-45AC-B987-B42B5488240B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB441DC5-813E-4E59-87B8-15731291B135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F89F4A12-710E-4F7A-9A8D-D8B91889A279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AD92E-6816-42C0-8801-A81B59C11A56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "890F363A-FC4F-4F52-BBFF-E959F65043A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982EE29-D298-4D39-897A-580D867CDE50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D477F539-2E79-47BB-A8CF-F3A73AA72A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:9.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8463B1D-8442-4D50-BAAA-122280496A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:9.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6448016D-1A8E-42E3-81F8-80772D4EE6B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:9.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C54690EB-578A-45DA-9324-4CE84B084BCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:9.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "50B828D6-7221-4F94-9C0D-4483E60576EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2691943C-1FD1-43EE-B070-E35710E426ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B10D9D9-BC40-4889-9196-C8EA7C571160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "288EB1AC-9DE3-4FE2-AE4D-006A49199877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1405D7AE-D14C-40F6-9144-EF2F18A6EBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "71578014-E3CD-40A9-8AE4-537C970B4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4D2DA3-1EF3-428A-ACC0-1C438D6F8648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4758B4CB-5CD9-4505-8E91-E5E849937A63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C801C53F-9ECC-42B9-A119-5046706CA621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, and WOM 10.0.0 through 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.4.1; and WebAccelerator 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.3.0 might change a TCP connection to the ESTABLISHED state before receiving the ACK packet, which allows remote attackers to cause a denial of service (SIGFPE or assertion failure and TMM restart) via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "The Traffic Management Microkernel (TMM) en F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, y WOM 10.0.0 hasta la versi\u00f3n 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0  hasta la versi\u00f3n 9.4.8, 10.0.0  hasta la versi\u00f3n 10.2.4, and 11.0.0  hasta la versi\u00f3n 11.4.1; y WebAccelerator 9.4.0  hasta la versi\u00f3n 9.4.8, 10.0.0  hasta la versi\u00f3n 10.2.4, and 11.0.0  hasta la versi\u00f3n 11.3.0 podr\u00eda cambiar a una conexi\u00f3n TCP al estado ESTABLISHED antes de recibir el paquete ACK, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (SIGFPE o error de aserci\u00f3n y reinicio TMM) a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2013-6016",
  "lastModified": "2024-11-21T01:58:37.727",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-10-26T17:55:03.527",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/55378"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securitytracker.com/id/1029220"
    },
    {
      "source": "cret@cert.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88166"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/55378"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1029220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88166"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-05-10 14:29
Modified
2024-11-21 03:00
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, an unauthenticated user with access to the control plane may be able to delete arbitrary files through an undisclosed mechanism.
References
f5sirt@f5.comhttps://support.f5.com/csp/article/K55792317Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K55792317Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.5.4
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 11.6.1
f5 big-ip_local_traffic_manager 12.0.0
f5 big-ip_local_traffic_manager 12.1.0
f5 big-ip_local_traffic_manager 12.1.1
f5 big-ip_local_traffic_manager 12.1.2
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.5.4
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_acceleration_manager 11.6.1
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_application_acceleration_manager 12.1.0
f5 big-ip_application_acceleration_manager 12.1.1
f5 big-ip_application_acceleration_manager 12.1.2
f5 big-ip_advanced_firewall_manager 11.2.1
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.5.4
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_advanced_firewall_manager 11.6.1
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_advanced_firewall_manager 12.1.0
f5 big-ip_advanced_firewall_manager 12.1.1
f5 big-ip_advanced_firewall_manager 12.1.2
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.5.4
f5 big-ip_analytics 11.6.0
f5 big-ip_analytics 11.6.1
f5 big-ip_analytics 12.0.0
f5 big-ip_analytics 12.1.0
f5 big-ip_analytics 12.1.1
f5 big-ip_analytics 12.1.2
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.5.4
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 11.6.1
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_access_policy_manager 12.1.0
f5 big-ip_access_policy_manager 12.1.1
f5 big-ip_access_policy_manager 12.1.2
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.5.4
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_security_manager 11.6.1
f5 big-ip_application_security_manager 12.0.0
f5 big-ip_application_security_manager 12.1.0
f5 big-ip_application_security_manager 12.1.1
f5 big-ip_application_security_manager 12.1.2
f5 big-ip_domain_name_system 12.0.0
f5 big-ip_domain_name_system 12.1.0
f5 big-ip_domain_name_system 12.1.1
f5 big-ip_domain_name_system 12.1.2
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.5.4
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_global_traffic_manager 11.6.1
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.5.4
f5 big-ip_link_controller 11.6.0
f5 big-ip_link_controller 11.6.1
f5 big-ip_link_controller 12.0.0
f5 big-ip_link_controller 12.1.0
f5 big-ip_link_controller 12.1.1
f5 big-ip_link_controller 12.1.2
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.5.4
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_policy_enforcement_manager 11.6.1
f5 big-ip_policy_enforcement_manager 12.0.0
f5 big-ip_policy_enforcement_manager 12.1.0
f5 big-ip_policy_enforcement_manager 12.1.1
f5 big-ip_policy_enforcement_manager 12.1.2
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_websafe 11.6.0
f5 big-ip_websafe 11.6.1
f5 big-ip_websafe 12.0.0
f5 big-ip_websafe 12.1.0
f5 big-ip_websafe 12.1.1
f5 big-ip_websafe 12.1.2


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82C7B1C-E195-4D94-B604-78FB464C4F81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F6C3144-D0DE-4248-BFCD-04A7E6104044",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0357B5ED-0600-4756-93E5-692987068596",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BE0210-7058-462A-BA17-845D3E4F52FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECA90FB8-E2CD-400F-B753-1B482E7FAC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FEC804B-35DB-4A0C-9AEA-15527E0CC1B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEB228A9-0C01-4531-B2B2-38BB7B0E02E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FDC1C0F-A00A-456C-AB51-CD139B15CB61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBAB92C5-2D50-49CC-AECA-0D16BC44A788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC827031-CA39-4081-8CE0-30EAC78DF756",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7569903B-3A15-4A10-863B-6828337DD268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "45825991-D17D-42F1-87B4-7DF86B098B45",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A065BC0-56BD-4665-A860-EBA37F1A4D8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "77192AFB-B612-4BAA-916C-3DF8E851CC2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE295AF6-2B35-467F-8501-B5753CDDE16C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3C03B68-914F-4DB0-A832-B626B8746524",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2044C-AC6F-4145-B1A0-8EB26DCF1F8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FC866D4-CE8C-4408-AD1E-8643AC554CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7563D979-BE37-4251-B92E-0DBDBE53F3FF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB2118A-0F9C-4273-BB07-85FEA32C785B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8541C9EF-69A8-4641-B173-3BCE0EDD20A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E24A3C71-0075-4738-B114-267337D050CD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DD7394-BD0A-42FD-A367-827F35397A20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "98509F74-301A-4D1F-A2B4-B01B80CEFFCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E87FFF5F-5BB1-4E2F-BD15-3BA7C9B26FEA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "911BB6DB-B2D1-4855-A65C-F0799E034358",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C641B4F-DCFF-4A1B-9E00-EDF18A270241",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBBB6E7C-DA1A-479F-9DD2-DE0C3CA82E92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4913B437-33FF-4B5E-A855-9DA00B35E3B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDCFE65B-340B-4F7D-93A1-4390BBC8E67F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1EA4F45-35F7-4687-8D1A-A5ACD846500A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "64273A2C-E5A1-4605-92DD-EBECC7F051D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E60CA151-1C3A-45B3-B939-E6F80063C595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "58BAD5A9-9C67-4056-9344-07C8C42C8E88",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "228D5DA1-C78A-4E05-997A-50F6C1B59593",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "452C59B8-230D-4FC0-B76D-FA6E381E3713",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EE1EEA6-1E25-4A90-91A1-386D19808557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A05340-0AE2-49CA-903F-44383421577E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "583F134E-1616-44F2-8EF0-0CFA5CCEF0AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "86D0731D-E9DA-4056-9AC6-F204C2F915F7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, an unauthenticated user with access to the control plane may be able to delete arbitrary files through an undisclosed mechanism."
    },
    {
      "lang": "es",
      "value": "En F5 BIG-IP 11.2.1, 11.4.0 a 11.6.1 y 12.0.0 a 12.1.2, un usuario no autenticado con acceso al panel de control puede ser capaz de borrar archivos arbitrarios a trav\u00e9s de un mecanismo no revelado."
    }
  ],
  "id": "CVE-2016-9250",
  "lastModified": "2024-11-21T03:00:51.030",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-05-10T14:29:00.627",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K55792317"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K55792317"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2015-11-06 18:59
Modified
2024-11-21 02:35
Severity ?
Summary
The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, and LTM 11.0.0 before 11.6.0, BIG-IP AAM 11.4.0 before 11.6.0, BIG-IP AFM and PEM 11.3.0 before 11.6.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0, BIG-IP PSM 11.0.0 through 11.4.1 allows remote attackers to cause a denial of service via "malicious traffic."
References
cve@mitre.orghttp://www.securitytracker.com/id/1033952
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033952
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_global_traffic_manager 11.0.0
f5 big-ip_global_traffic_manager 11.1.0
f5 big-ip_global_traffic_manager 11.2.0
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.3.0
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_access_policy_manager 11.0.0
f5 big-ip_access_policy_manager 11.1.0
f5 big-ip_access_policy_manager 11.2.0
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.3.0
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_webaccelerator 11.0.0
f5 big-ip_webaccelerator 11.1.0
f5 big-ip_webaccelerator 11.2.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.3.0
f5 big-ip_application_security_manager 11.0.0
f5 big-ip_application_security_manager 11.1.0
f5 big-ip_application_security_manager 11.2.0
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_wan_optimization_manager 11.0.0
f5 big-ip_wan_optimization_manager 11.1.0
f5 big-ip_wan_optimization_manager 11.2.0
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_wan_optimization_manager 11.3.0
f5 big-ip_protocol_security_module 11.0.0
f5 big-ip_protocol_security_module 11.1.0
f5 big-ip_protocol_security_module 11.2.0
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_edge_gateway 11.0.0
f5 big-ip_edge_gateway 11.1.0
f5 big-ip_edge_gateway 11.2.0
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_edge_gateway 11.3.0
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_link_controller 11.0.0
f5 big-ip_link_controller 11.1.0
f5 big-ip_link_controller 11.2.0
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.3.0
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_analytics 11.0.0
f5 big-ip_analytics 11.1.0
f5 big-ip_analytics 11.2.0
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.3.0
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, and LTM 11.0.0 before 11.6.0, BIG-IP AAM 11.4.0 before 11.6.0, BIG-IP AFM and PEM 11.3.0 before 11.6.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0, BIG-IP PSM 11.0.0 through 11.4.1 allows remote attackers to cause a denial of service via \"malicious traffic.\""
    },
    {
      "lang": "es",
      "value": "El host vCMP en F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller y LTM 11.0.0 en versiones anteriores a 11.6.0, BIG-IP AAM 11.4.0 en versiones anteriores a 11.6.0, BIG-IP AFM y PEM 11.3.0 en versiones anteriores a 11.6.0, BIG-IP Edge Gateway, WebAccelerator y WOM 11.0.0 hasta la versi\u00f3n 11.3.0, BIG-IP PSM 11.0.0 hasta la versi\u00f3n 11.4.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio a trav\u00e9s de \u0027tr\u00e1fico malicioso\u0027."
    }
  ],
  "id": "CVE-2015-6546",
  "lastModified": "2024-11-21T02:35:11.760",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-11-06T18:59:01.847",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1033952"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1033952"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/17000/300/sol17386.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2015-12-07 20:59
Modified
2024-11-21 02:29
Severity ?
Summary
The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP AAM 11.4.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0, BIG-IP GTM 11.3.0 before 11.6.0 HF6, BIG-IP PSM 11.3.0 through 11.4.1, Enterprise Manager 3.1.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote authenticated users with the "Resource Administrator" role to gain privileges via an iCall (1) script or (2) handler in a SOAP request to iControl/iControlPortal.cgi.
References
cve@mitre.orghttp://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.htmlExploit
cve@mitre.orghttp://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmdExploit
cve@mitre.orghttp://www.securitytracker.com/id/1034306
cve@mitre.orghttp://www.securitytracker.com/id/1034307
cve@mitre.orghttps://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.htmlVendor Advisory
cve@mitre.orghttps://www.exploit-db.com/exploits/38764/
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.htmlExploit
af854a3a-2127-422b-91ae-364da2661108http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmdExploit
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1034306
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1034307
af854a3a-2127-422b-91ae-364da2661108https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/38764/
Impacted products
Vendor Product Version
f5 big-iq_security 4.0.0
f5 big-iq_security 4.1.0
f5 big-iq_security 4.2.0
f5 big-iq_security 4.3.0
f5 big-iq_security 4.4.0
f5 big-iq_security 4.5.0
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_wan_optimization_manager 11.3.0
f5 big-iq_adc 4.5.0
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_global_traffic_manager 11.3.0
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.6.0
f5 big-iq_device 4.2.0
f5 big-iq_device 4.3.0
f5 big-iq_device 4.4.0
f5 big-iq_device 4.5.0
f5 big-ip_edge_gateway 11.3.0
f5 big-ip_local_traffic_manager 11.3.0
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_access_policy_manager 11.3.0
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-iq_cloud 4.0.0
f5 big-iq_cloud 4.1.0
f5 big-iq_cloud 4.2.0
f5 big-iq_cloud 4.3.0
f5 big-iq_cloud 4.4.0
f5 big-iq_cloud 4.5.0
f5 big-ip_analytics 11.3.0
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.6.0
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_webaccelerator 11.3.0
f5 big-ip_link_controller 11.3.0
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.6.0
f5 big-ip_enterprise_manager 3.0.0
f5 big-ip_enterprise_manager 3.1.0
f5 big-ip_enterprise_manager 3.1.1
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.6.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9768142-C554-44DE-B8D5-45CB51E3C34C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13753E9F-11AA-41F4-930E-BD9866D03396",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D04FC0C-5E44-4DAD-9542-C772EA35916C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE47FF9-E13D-41D3-BEA2-EF1B973CB0A9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP AAM 11.4.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0, BIG-IP GTM 11.3.0 before 11.6.0 HF6, BIG-IP PSM 11.3.0 through 11.4.1, Enterprise Manager 3.1.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote authenticated users with the \"Resource Administrator\" role to gain privileges via an iCall (1) script or (2) handler in a SOAP request to iControl/iControlPortal.cgi."
    },
    {
      "lang": "es",
      "value": "La API iControl en F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller y PEM 11.3.0 en versiones anteriores a 11.5.3 HF2 y 11.6.0 en versiones anteriores a 11.6.0 HF6, BIG-IP AAM 11.4.0 en versiones anteriores a 11.5.3 HF2 y 11.6.0 en versiones anteriores a 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator y WOM 11.3.0, BIG-IP GTM 11.3.0 en versiones anteriores a 11.6.0 HF6, BIG-IP PSM 11.3.0 hasta la versi\u00f3n 11.4.1, Enterprise Manager 3.1.0 hasta la versi\u00f3n 3.1.1, BIG-IQ Cloud and Security 4.0.0 hasta la versi\u00f3n 4.5.0, BIG-IQ Device 4.2.0 hasta la versi\u00f3n 4.5.0 y BIG-IQ ADC 4.5.0 permiten a usuarios remotos autenticados con el rol \u0027Resource Administrator\u0027 obtener privilegios a trav\u00e9s de (1) una secuencia de comandos o (2) un manejador iCall en una petici\u00f3n SOAP aiControl/iControlPortal.cgi."
    }
  ],
  "id": "CVE-2015-3628",
  "lastModified": "2024-11-21T02:29:31.077",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-12-07T20:59:04.587",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmd"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1034306"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1034307"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.exploit-db.com/exploits/38764/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034306"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034307"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/38764/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-02-21 18:15
Modified
2024-11-21 01:53
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack, a different issue than CVE-2012-4929.
References
cret@cert.orghttp://breachattack.com/Third Party Advisory
cret@cert.orghttp://github.com/meldium/breach-mitigation-railsThird Party Advisory
cret@cert.orghttp://security.stackexchange.com/questions/20406/is-http-compression-safe#20407Exploit, Third Party Advisory
cret@cert.orghttp://slashdot.org/story/13/08/05/233216Third Party Advisory
cret@cert.orghttp://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdfThird Party Advisory
cret@cert.orghttp://www.kb.cert.org/vuls/id/987798Third Party Advisory, US Government Resource
cret@cert.orghttps://bugzilla.redhat.com/show_bug.cgi?id=995168Issue Tracking, Third Party Advisory
cret@cert.orghttps://hackerone.com/reports/254895Exploit, Third Party Advisory
cret@cert.orghttps://lists.apache.org/thread.html/r7f0e9cfd166934172d43ca4c272b8bdda4a343036229d9937affd1e1%40%3Cdev.httpd.apache.org%3E
cret@cert.orghttps://support.f5.com/csp/article/K14634Third Party Advisory
cret@cert.orghttps://www.blackhat.com/us-13/briefings.html#PradoThird Party Advisory
cret@cert.orghttps://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://breachattack.com/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://github.com/meldium/breach-mitigation-railsThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://slashdot.org/story/13/08/05/233216Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdfThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/987798Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=995168Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://hackerone.com/reports/254895Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r7f0e9cfd166934172d43ca4c272b8bdda4a343036229d9937affd1e1%40%3Cdev.httpd.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K14634Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.blackhat.com/us-13/briefings.html#PradoThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/Third Party Advisory
Impacted products
Vendor Product Version
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager 13.0.0
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager 13.0.0
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics 13.0.0
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager 13.0.0
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager 13.0.0
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller 13.0.0
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager 13.0.0
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager 13.0.0
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_wan_optimization_manager *
f5 big-ip_wan_optimization_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 firepass *
f5 firepass 7.0.0
f5 arx *
f5 arx *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57AB5137-9797-4BA3-8725-40494DA8FFB2",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ACC0695-E62E-4748-AA8A-46772EB8C83C",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF89E7C-806E-4800-BAA9-0225433B6C56",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59217FC1-AFB3-479F-A369-9C7FB3DD29F0",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93212B86-21EA-4340-9149-E58F65285C15",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C4E5F36-434B-48E1-9715-4EEC22FB23D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FCA781F-8728-4ECB-85D1-1E0AE4EEFC2B",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25944BCA-3EEB-4396-AC8F-EF58834BC47E",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "34D75E7F-B65F-421D-92EE-6B20756019C2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70FB5FD7-4B96-438C-AAD3-D2E128DAA8BF",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "39E45CF5-C9E4-4AB9-A6D5-66F8336DDB79",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6034A531-6A0E-4086-A76F-91C3F62C7994",
              "versionEndIncluding": "9.4.8",
              "versionStartIncluding": "9.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDDD9D77-12B6-40F4-B819-2515D357A91A",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CB146EF-CCAB-4194-9735-F8909E283308",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7569977A-E567-4115-B00C-4B0CBA86582E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E27C5743-4F94-4A1C-AD8C-25D29B65BF95",
              "versionEndIncluding": "9.4.8",
              "versionStartIncluding": "9.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D413BDC-8B60-494A-A218-75EAF09D1495",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4A5CD9B-D257-4EC9-8C57-D9552C2FFFFC",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2C4414E-8016-48B5-8CC3-F97FF2D85922",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F293F06-4601-4074-A695-2C229CF8D126",
              "versionEndIncluding": "9.6.1",
              "versionStartIncluding": "9.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "439927F5-ECDA-4DD8-BA75-97E55C9E584F",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F5FF67-5D17-4760-AFDC-4234EC1E6306",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA7D64DC-7271-4617-BD46-99C8246779CA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "632BD15C-04E6-4FD9-9410-6DE9E48F926A",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDE77CCE-7F97-48EA-A9D3-090B1481616F",
              "versionEndIncluding": "12.1.2",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "42821916-E601-4831-B37B-3202ACF2C562",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5522F58E-C4EA-40B4-8F44-3E95315D37EA",
              "versionEndIncluding": "9.4.8",
              "versionStartIncluding": "9.4.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9828CBA5-BB72-46E2-987D-633A5B3E2AFF",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F383EBC-4739-4514-9EC0-BE17AC453735",
              "versionEndIncluding": "9.4.8",
              "versionStartIncluding": "9.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:firepass:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15CE213B-F42C-4C2E-AFBD-852AB049FF8A",
              "versionEndIncluding": "6.1.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "442D343A-973B-4C33-B99B-1EA2B7670DE5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:arx:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "794651B6-E22C-4A6F-9B1F-AA94BEDD44FF",
              "versionEndIncluding": "5.3.1",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:arx:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F20E6644-F925-4283-AD92-7B0696F52310",
              "versionEndIncluding": "6.4.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a \"BREACH\" attack, a different issue than CVE-2012-4929."
    },
    {
      "lang": "es",
      "value": "El protocolo HTTPS, como es usado en aplicaciones web no especificadas, puede cifrar datos comprimidos sin ofuscar apropiadamente la longitud de los datos no cifrados, facilitando a atacantes de tipo \"man-in-the-middle\" obtener valores secretos en texto plano al observar las diferencias de longitud durante una serie de adivinaciones en las que una cadena en una URL de peticiones HTTP coincide potencialmente con una cadena desconocida en un cuerpo de respuesta HTTP, tambi\u00e9n se conoce como ataque \"BREACH\", un problema diferente de CVE-2012-4929."
    }
  ],
  "id": "CVE-2013-3587",
  "lastModified": "2024-11-21T01:53:56.283",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-02-21T18:15:11.427",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://breachattack.com/"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://github.com/meldium/breach-mitigation-rails"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://slashdot.org/story/13/08/05/233216"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/987798"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=995168"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://hackerone.com/reports/254895"
    },
    {
      "source": "cret@cert.org",
      "url": "https://lists.apache.org/thread.html/r7f0e9cfd166934172d43ca4c272b8bdda4a343036229d9937affd1e1%40%3Cdev.httpd.apache.org%3E"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K14634"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.blackhat.com/us-13/briefings.html#Prado"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://breachattack.com/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://github.com/meldium/breach-mitigation-rails"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://security.stackexchange.com/questions/20406/is-http-compression-safe#20407"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://slashdot.org/story/13/08/05/233216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/987798"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=995168"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://hackerone.com/reports/254895"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r7f0e9cfd166934172d43ca4c272b8bdda4a343036229d9937affd1e1%40%3Cdev.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K14634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.blackhat.com/us-13/briefings.html#Prado"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2016-01-12 20:59
Modified
2024-11-21 02:36
Severity ?
7.4 (High) - CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors.
References
cve@mitre.orghttp://securitytracker.com/id/1034632
cve@mitre.orghttp://www.securitytracker.com/id/1034633
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id/1034632
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1034633
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 big-iq_application_delivery_controller 4.5.0
f5 big-ip_application_security_manager 11.2.0
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_security_manager 12.0.0
f5 big-iq_security 4.0.0
f5 big-iq_security 4.1.0
f5 big-iq_security 4.2.0
f5 big-iq_security 4.3.0
f5 big-iq_security 4.4.0
f5 big-iq_security 4.5.0
f5 big-ip_wan_optimization_manager 11.2.0
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_wan_optimization_manager 11.3.0
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.3.0
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_global_traffic_manager11.2.0 *
f5 big-iq_centralized_management 4.6.0
f5 big-ip_analytics 11.0.0
f5 big-ip_analytics 11.1.0
f5 big-ip_analytics 11.2.0
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.3.0
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.6.0
f5 big-ip_analytics 12.0.0
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_domain_name_system 12.0.0
f5 big-ip_protocol_security_module 11.2.0
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-iq_cloud 4.0.0
f5 big-iq_cloud 4.1.0
f5 big-iq_cloud 4.2.0
f5 big-iq_cloud 4.3.0
f5 big-iq_cloud 4.4.0
f5 big-iq_cloud 4.5.0
f5 big-iq_cloud_and_orchestration 1.0.0
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_policy_enforcement_manager 12.0.0
f5 big-ip_access_policy_manager 11.2.0
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.3.0
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_edge_gateway 11.2.0
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_edge_gateway 11.3.0
f5 big-iq_device 4.2.0
f5 big-iq_device 4.3.0
f5 big-iq_device 4.4.0
f5 big-iq_device 4.5.0
f5 big-ip_local_traffic_manager 11.2.0
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.3.0
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 12.0.0
f5 big-ip_webaccelerator 11.2.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.3.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager11.2.0:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96D10DFA-DA4D-4A57-AE06-57D9886A6F67",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ Security 4.0.0 through 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0, and BIG-IQ Cloud and Orchestration 1.0.0 allows local users with advanced shell (bash) access to gain privileges via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "dcoep en BIG-IP LTM, Analytics, APM, ASM y Link Controller 11.2.0 hasta la versi\u00f3n 11.6.0 y 12.0.0 en versiones anteriores a 12.0.0 HF1, BIG-IP AAM 11.4.0 hasta la versi\u00f3n 11.6.0 y 12.0.0 en versiones anteriores a 12.0.0 HF1, BIG-IP AFM y PEM 11.3.0 hasta la versi\u00f3n 11.6.0 y 12.0.0 en versiones anteriores a 12.0.0 HF1, BIG-IP DNS 12.0.0 en versiones anteriores a 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator y WOM 11.2.0 hasta la versi\u00f3n 11.3.0, BIG-IP GTM 11.2.0 hasta la versi\u00f3n 11.6.0, BIG-IP PSM 11.2.0 hasta la versi\u00f3n 11.4.1, Enterprise Manager 3.0.0 hasta la versi\u00f3n 3.1.1, BIG-IQ Cloud 4.0.0 hasta la versi\u00f3n 4.5.0, BIG-IQ Device 4.2.0 hasta la versi\u00f3n 4.5.0, BIG-IQ Security 4.0.0 hasta la versi\u00f3n 4.5.0, BIG-IQ ADC 4.5.0, BIG-IQ Centralized Management 4.6.0 y BIG-IQ Cloud y Orchestration 1.0.0 permite a usuarios locales con acceso shell (bash) avanzado obtener privilegios a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2015-7393",
  "lastModified": "2024-11-21T02:36:42.707",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.4,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-01-12T20:59:00.120",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id/1034632"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1034633"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id/1034632"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034633"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/75/sol75136237.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2014-09-24 18:48
Modified
2025-01-06 19:36
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
References
security@debian.orghttp://advisories.mageia.org/MGASA-2014-0388.htmlThird Party Advisory
security@debian.orghttp://archives.neohapsis.com/archives/bugtraq/2014-10/0101.htmlBroken Link, Third Party Advisory
security@debian.orghttp://jvn.jp/en/jp/JVN55667175/index.htmlVendor Advisory
security@debian.orghttp://jvndb.jvn.jp/jvndb/JVNDB-2014-000126Third Party Advisory, VDB Entry, Vendor Advisory
security@debian.orghttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673Third Party Advisory
security@debian.orghttp://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.htmlExploit, Issue Tracking, Third Party Advisory
security@debian.orghttp://linux.oracle.com/errata/ELSA-2014-1293.htmlThird Party Advisory
security@debian.orghttp://linux.oracle.com/errata/ELSA-2014-1294.htmlThird Party Advisory
security@debian.orghttp://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.htmlMailing List, Third Party Advisory
security@debian.orghttp://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.htmlMailing List, Third Party Advisory
security@debian.orghttp://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.htmlMailing List, Third Party Advisory
security@debian.orghttp://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.htmlMailing List, Third Party Advisory
security@debian.orghttp://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.htmlMailing List, Third Party Advisory
security@debian.orghttp://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.htmlMailing List, Third Party Advisory
security@debian.orghttp://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.htmlMailing List, Third Party Advisory
security@debian.orghttp://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.htmlMailing List, Third Party Advisory
security@debian.orghttp://lists.opensuse.org/opensuse-updates/2014-10/msg00023.htmlMailing List, Third Party Advisory
security@debian.orghttp://lists.opensuse.org/opensuse-updates/2014-10/msg00025.htmlMailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141216207813411&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141216668515282&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141235957116749&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141319209015420&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141330425327438&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141330468527613&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141345648114150&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141383026420882&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141383081521087&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141383138121313&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141383196021590&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141383244821813&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141383304022067&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141383353622268&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141383465822787&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141450491804793&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141576728022234&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141577137423233&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141577241923505&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141577297623641&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141585637922673&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141694386919794&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141879528318582&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=141879528318582&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=142113462216480&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=142113462216480&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=142118135300698&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=142118135300698&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=142118135300698&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=142358026505815&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=142358026505815&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=142358078406056&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=142546741516006&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=142719845423222&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=142719845423222&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=142721162228379&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=142721162228379&w=2Mailing List, Third Party Advisory
security@debian.orghttp://marc.info/?l=bugtraq&m=142805027510172&w=2Mailing List, Third Party Advisory
security@debian.orghttp://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.htmlExploit, Third Party Advisory, VDB Entry
security@debian.orghttp://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.htmlExploit, Third Party Advisory, VDB Entry
security@debian.orghttp://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.htmlExploit, Third Party Advisory, VDB Entry
security@debian.orghttp://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.htmlExploit, Third Party Advisory, VDB Entry
security@debian.orghttp://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.htmlThird Party Advisory, VDB Entry
security@debian.orghttp://rhn.redhat.com/errata/RHSA-2014-1293.htmlThird Party Advisory
security@debian.orghttp://rhn.redhat.com/errata/RHSA-2014-1294.htmlThird Party Advisory
security@debian.orghttp://rhn.redhat.com/errata/RHSA-2014-1295.htmlThird Party Advisory
security@debian.orghttp://rhn.redhat.com/errata/RHSA-2014-1354.htmlThird Party Advisory
security@debian.orghttp://seclists.org/fulldisclosure/2014/Oct/0Mailing List, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/58200Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/59272Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/59737Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/59907Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/60024Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/60034Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/60044Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/60055Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/60063Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/60193Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/60325Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/60433Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/60947Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61065Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61128Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61129Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61188Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61283Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61287Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61291Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61312Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61313Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61328Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61442Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61471Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61485Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61503Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61542Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61547Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61550Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61552Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61565Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61603Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61633Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61641Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61643Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61654Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61676Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61700Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61703Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61711Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61715Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61780Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61816Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61855Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61857Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/61873Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/62228Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/62312Broken Link, Third Party Advisory
security@debian.orghttp://secunia.com/advisories/62343Broken Link, Third Party Advisory
security@debian.orghttp://support.apple.com/kb/HT6495Third Party Advisory
security@debian.orghttp://support.novell.com/security/cve/CVE-2014-6271.htmlThird Party Advisory
security@debian.orghttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bashThird Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=isg3T1021272Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=isg3T1021279Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=isg3T1021361Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21685541Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21685604Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21685733Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21685749Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21685914Broken Link, Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21686084Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21686131Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21686246Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21686445Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21686447Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21686479Broken Link, Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21686494Third Party Advisory
security@debian.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21687079Third Party Advisory
security@debian.orghttp://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315Broken Link, Third Party Advisory
security@debian.orghttp://www.debian.org/security/2014/dsa-3032Mailing List, Third Party Advisory
security@debian.orghttp://www.kb.cert.org/vuls/id/252743Third Party Advisory, US Government Resource
security@debian.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2015:164Broken Link, Third Party Advisory
security@debian.orghttp://www.novell.com/support/kb/doc.php?id=7015701Third Party Advisory
security@debian.orghttp://www.novell.com/support/kb/doc.php?id=7015721Third Party Advisory
security@debian.orghttp://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.htmlThird Party Advisory
security@debian.orghttp://www.qnap.com/i/en/support/con_show.php?cid=61Third Party Advisory
security@debian.orghttp://www.securityfocus.com/archive/1/533593/100/0/threadedBroken Link, Third Party Advisory, VDB Entry
security@debian.orghttp://www.securityfocus.com/bid/70103Broken Link, Third Party Advisory, VDB Entry
security@debian.orghttp://www.ubuntu.com/usn/USN-2362-1Third Party Advisory
security@debian.orghttp://www.us-cert.gov/ncas/alerts/TA14-268AThird Party Advisory, US Government Resource
security@debian.orghttp://www.vmware.com/security/advisories/VMSA-2014-0010.htmlThird Party Advisory
security@debian.orghttp://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0Broken Link, Third Party Advisory
security@debian.orghttps://access.redhat.com/articles/1200223Exploit, Third Party Advisory
security@debian.orghttps://access.redhat.com/node/1200223Exploit, Third Party Advisory
security@debian.orghttps://bugzilla.redhat.com/show_bug.cgi?id=1141597Issue Tracking, Patch
security@debian.orghttps://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+FixesBroken Link, Third Party Advisory
security@debian.orghttps://kb.bluecoat.com/index?page=content&id=SA82Broken Link, Third Party Advisory
security@debian.orghttps://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648Third Party Advisory
security@debian.orghttps://kc.mcafee.com/corporate/index?page=content&id=SB10085Broken Link, Third Party Advisory
security@debian.orghttps://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/Exploit, Third Party Advisory
security@debian.orghttps://support.apple.com/kb/HT6535Third Party Advisory
security@debian.orghttps://support.citrix.com/article/CTX200217Third Party Advisory
security@debian.orghttps://support.citrix.com/article/CTX200223Permissions Required
security@debian.orghttps://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.htmlThird Party Advisory
security@debian.orghttps://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075Third Party Advisory
security@debian.orghttps://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183Broken Link, Third Party Advisory
security@debian.orghttps://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlertsThird Party Advisory
security@debian.orghttps://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006Third Party Advisory
security@debian.orghttps://www.exploit-db.com/exploits/34879/Exploit, Third Party Advisory, VDB Entry
security@debian.orghttps://www.exploit-db.com/exploits/37816/Exploit, Third Party Advisory, VDB Entry
security@debian.orghttps://www.exploit-db.com/exploits/38849/Exploit, Third Party Advisory, VDB Entry
security@debian.orghttps://www.exploit-db.com/exploits/39918/Exploit, Third Party Advisory, VDB Entry
security@debian.orghttps://www.exploit-db.com/exploits/40619/Exploit, Third Party Advisory, VDB Entry
security@debian.orghttps://www.exploit-db.com/exploits/40938/Exploit, Third Party Advisory, VDB Entry
security@debian.orghttps://www.exploit-db.com/exploits/42938/Exploit, Third Party Advisory, VDB Entry
security@debian.orghttps://www.suse.com/support/shellshock/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://advisories.mageia.org/MGASA-2014-0388.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.htmlBroken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://jvn.jp/en/jp/JVN55667175/index.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126Third Party Advisory, VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.htmlExploit, Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://linux.oracle.com/errata/ELSA-2014-1293.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://linux.oracle.com/errata/ELSA-2014-1294.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141216207813411&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141216668515282&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141235957116749&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141319209015420&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141330425327438&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141330468527613&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141345648114150&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141383026420882&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141383081521087&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141383138121313&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141383196021590&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141383244821813&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141383304022067&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141383353622268&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141383465822787&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141450491804793&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141576728022234&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141577137423233&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141577241923505&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141577297623641&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141585637922673&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141694386919794&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141879528318582&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141879528318582&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142113462216480&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142113462216480&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142118135300698&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142118135300698&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142118135300698&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142358026505815&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142358026505815&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142358078406056&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142546741516006&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142719845423222&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142719845423222&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142721162228379&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142721162228379&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142805027510172&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-1293.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-1294.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-1295.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-1354.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2014/Oct/0Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58200Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59272Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59737Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59907Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60024Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60034Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60044Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60055Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60063Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60193Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60325Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60433Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60947Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61065Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61128Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61129Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61188Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61283Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61287Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61291Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61312Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61313Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61328Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61442Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61471Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61485Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61503Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61542Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61547Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61550Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61552Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61565Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61603Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61633Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61641Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61643Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61654Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61676Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61700Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61703Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61711Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61715Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61780Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61816Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61855Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61857Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61873Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/62228Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/62312Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/62343Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT6495Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/security/cve/CVE-2014-6271.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bashThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21685541Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21685604Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21685733Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21685749Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21685914Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21686084Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21686131Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21686246Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21686445Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21686447Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21686479Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21686494Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21687079Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2014/dsa-3032Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/252743Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2015:164Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/support/kb/doc.php?id=7015701Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/support/kb/doc.php?id=7015721Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.qnap.com/i/en/support/con_show.php?cid=61Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/533593/100/0/threadedBroken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/70103Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2362-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/ncas/alerts/TA14-268AThird Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2014-0010.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/articles/1200223Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/node/1200223Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=1141597Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+FixesBroken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://kb.bluecoat.com/index?page=content&id=SA82Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://kc.mcafee.com/corporate/index?page=content&id=SB10085Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.apple.com/kb/HT6535Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.citrix.com/article/CTX200217Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.citrix.com/article/CTX200223Permissions Required
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlertsThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/34879/Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/37816/Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/38849/Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/39918/Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/40619/Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/40938/Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/42938/Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.suse.com/support/shellshock/Third Party Advisory
Impacted products
Vendor Product Version
gnu bash *
arista eos *
arista eos *
arista eos *
arista eos *
arista eos *
arista eos *
oracle linux 4
oracle linux 5
oracle linux 6
qnap qts *
qnap qts 4.1.1
qnap qts 4.1.1
mageia mageia 3.0
mageia mageia 4.0
redhat gluster_storage_server_for_on-premise 2.1
redhat virtualization 3.4
redhat enterprise_linux 4.0
redhat enterprise_linux 5.0
redhat enterprise_linux 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_eus 6.4
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.6
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_for_ibm_z_systems 5.9_s390x
redhat enterprise_linux_for_ibm_z_systems 6.4_s390x
redhat enterprise_linux_for_ibm_z_systems 6.5_s390x
redhat enterprise_linux_for_ibm_z_systems 7.3_s390x
redhat enterprise_linux_for_ibm_z_systems 7.4_s390x
redhat enterprise_linux_for_ibm_z_systems 7.5_s390x
redhat enterprise_linux_for_ibm_z_systems 7.6_s390x
redhat enterprise_linux_for_ibm_z_systems 7.7_s390x
redhat enterprise_linux_for_power_big_endian 5.0_ppc
redhat enterprise_linux_for_power_big_endian 5.9_ppc
redhat enterprise_linux_for_power_big_endian 6.0_ppc64
redhat enterprise_linux_for_power_big_endian 6.4_ppc64
redhat enterprise_linux_for_power_big_endian 7.0_ppc64
redhat enterprise_linux_for_power_big_endian_eus 6.5_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.3_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.4_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.5_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.6_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.7_ppc64
redhat enterprise_linux_for_scientific_computing 6.0
redhat enterprise_linux_for_scientific_computing 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server_aus 5.6
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server_aus 6.2
redhat enterprise_linux_server_aus 6.4
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server_from_rhui 5.0
redhat enterprise_linux_server_from_rhui 6.0
redhat enterprise_linux_server_from_rhui 7.0
redhat enterprise_linux_server_tus 6.5
redhat enterprise_linux_server_tus 7.3
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_workstation 7.0
suse studio_onsite 1.3
opensuse opensuse 12.3
opensuse opensuse 13.1
opensuse opensuse 13.2
suse linux_enterprise_desktop 11
suse linux_enterprise_desktop 12
suse linux_enterprise_server 10
suse linux_enterprise_server 10
suse linux_enterprise_server 11
suse linux_enterprise_server 11
suse linux_enterprise_server 11
suse linux_enterprise_server 11
suse linux_enterprise_server 12
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 12
debian debian_linux 7.0
ibm infosphere_guardium_database_activity_monitoring 8.2
ibm infosphere_guardium_database_activity_monitoring 9.0
ibm infosphere_guardium_database_activity_monitoring 9.1
ibm pureapplication_system *
ibm pureapplication_system *
ibm pureapplication_system 2.0.0.0
ibm qradar_risk_manager 7.1.0
ibm qradar_security_information_and_event_manager 7.1.0
ibm qradar_security_information_and_event_manager 7.1.0
ibm qradar_security_information_and_event_manager 7.1.0
ibm qradar_security_information_and_event_manager 7.1.1
ibm qradar_security_information_and_event_manager 7.1.1
ibm qradar_security_information_and_event_manager 7.1.1
ibm qradar_security_information_and_event_manager 7.1.1
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.2
ibm qradar_security_information_and_event_manager 7.2.0
ibm qradar_security_information_and_event_manager 7.2.0
ibm qradar_security_information_and_event_manager 7.2.0
ibm qradar_security_information_and_event_manager 7.2.0
ibm qradar_security_information_and_event_manager 7.2.1
ibm qradar_security_information_and_event_manager 7.2.1
ibm qradar_security_information_and_event_manager 7.2.1
ibm qradar_security_information_and_event_manager 7.2.1
ibm qradar_security_information_and_event_manager 7.2.2
ibm qradar_security_information_and_event_manager 7.2.2
ibm qradar_security_information_and_event_manager 7.2.2
ibm qradar_security_information_and_event_manager 7.2.2
ibm qradar_security_information_and_event_manager 7.2.2
ibm qradar_security_information_and_event_manager 7.2.3
ibm qradar_security_information_and_event_manager 7.2.3
ibm qradar_security_information_and_event_manager 7.2.3
ibm qradar_security_information_and_event_manager 7.2.3
ibm qradar_security_information_and_event_manager 7.2.3
ibm qradar_security_information_and_event_manager 7.2.4
ibm qradar_security_information_and_event_manager 7.2.4
ibm qradar_security_information_and_event_manager 7.2.4
ibm qradar_security_information_and_event_manager 7.2.4
ibm qradar_security_information_and_event_manager 7.2.4
ibm qradar_security_information_and_event_manager 7.2.4
ibm qradar_security_information_and_event_manager 7.2.4
ibm qradar_security_information_and_event_manager 7.2.5
ibm qradar_security_information_and_event_manager 7.2.5
ibm qradar_security_information_and_event_manager 7.2.5
ibm qradar_security_information_and_event_manager 7.2.5
ibm qradar_security_information_and_event_manager 7.2.5
ibm qradar_security_information_and_event_manager 7.2.5
ibm qradar_security_information_and_event_manager 7.2.5
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_security_information_and_event_manager 7.2.7
ibm qradar_security_information_and_event_manager 7.2.7
ibm qradar_security_information_and_event_manager 7.2.7
ibm qradar_security_information_and_event_manager 7.2.7
ibm qradar_security_information_and_event_manager 7.2.7
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8.15
ibm qradar_security_information_and_event_manager 7.2.9
ibm qradar_vulnerability_manager 7.2.0
ibm qradar_vulnerability_manager 7.2.1
ibm qradar_vulnerability_manager 7.2.2
ibm qradar_vulnerability_manager 7.2.3
ibm qradar_vulnerability_manager 7.2.4
ibm qradar_vulnerability_manager 7.2.6
ibm qradar_vulnerability_manager 7.2.6
ibm qradar_vulnerability_manager 7.2.6
ibm qradar_vulnerability_manager 7.2.6
ibm qradar_vulnerability_manager 7.2.6
ibm qradar_vulnerability_manager 7.2.6
ibm qradar_vulnerability_manager 7.2.6
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm smartcloud_entry_appliance 2.3.0
ibm smartcloud_entry_appliance 2.4.0
ibm smartcloud_entry_appliance 3.1.0
ibm smartcloud_entry_appliance 3.2.0
ibm smartcloud_provisioning 2.1.0
ibm software_defined_network_for_virtual_environments *
ibm software_defined_network_for_virtual_environments *
ibm software_defined_network_for_virtual_environments *
ibm starter_kit_for_cloud 2.2.0
ibm workload_deployer *
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.1
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.2
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.3
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.5
ibm security_access_manager_for_web_7.0_firmware 7.0.0.1
ibm security_access_manager_for_web_7.0_firmware 7.0.0.2
ibm security_access_manager_for_web_7.0_firmware 7.0.0.3
ibm security_access_manager_for_web_7.0_firmware 7.0.0.4
ibm security_access_manager_for_web_7.0_firmware 7.0.0.5
ibm security_access_manager_for_web_7.0_firmware 7.0.0.6
ibm security_access_manager_for_web_7.0_firmware 7.0.0.7
ibm security_access_manager_for_web_7.0_firmware 7.0.0.8
ibm security_access_manager_for_web_8.0_firmware 8.0.0.2
ibm security_access_manager_for_web_8.0_firmware 8.0.0.3
ibm security_access_manager_for_web_8.0_firmware 8.0.0.5
ibm storwize_v7000_firmware *
ibm storwize_v7000_firmware *
ibm storwize_v7000_firmware *
ibm storwize_v7000_firmware *
ibm storwize_v7000 -
ibm storwize_v5000_firmware *
ibm storwize_v5000_firmware *
ibm storwize_v5000_firmware *
ibm storwize_v5000 -
ibm storwize_v3700_firmware *
ibm storwize_v3700_firmware *
ibm storwize_v3700_firmware *
ibm storwize_v3700 -
ibm storwize_v3500_firmware *
ibm storwize_v3500_firmware *
ibm storwize_v3500_firmware *
ibm storwize_v3500 -
ibm flex_system_v7000_firmware *
ibm flex_system_v7000_firmware *
ibm flex_system_v7000_firmware *
ibm flex_system_v7000 -
ibm san_volume_controller_firmware *
ibm san_volume_controller_firmware *
ibm san_volume_controller_firmware *
ibm san_volume_controller -
ibm stn6500_firmware *
ibm stn6500_firmware *
ibm stn6500_firmware *
ibm stn6500 -
ibm stn6800_firmware *
ibm stn6800_firmware *
ibm stn6800_firmware *
ibm stn6800 -
ibm stn7800_firmware *
ibm stn7800_firmware *
ibm stn7800_firmware *
ibm stn7800 -
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
novell zenworks_configuration_management 10.3
novell zenworks_configuration_management 11
novell zenworks_configuration_management 11.1
novell zenworks_configuration_management 11.2
novell zenworks_configuration_management 11.3.0
novell open_enterprise_server 2.0
novell open_enterprise_server 11.0
checkpoint security_gateway *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_analytics *
f5 big-ip_analytics 11.6.0
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller 11.6.0
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_wan_optimization_manager *
f5 big-ip_wan_optimization_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-iq_cloud *
f5 big-iq_device *
f5 big-iq_security *
f5 enterprise_manager *
f5 enterprise_manager *
f5 traffix_signaling_delivery_controller *
f5 traffix_signaling_delivery_controller 3.3.2
f5 traffix_signaling_delivery_controller 3.4.1
f5 traffix_signaling_delivery_controller 3.5.1
f5 traffix_signaling_delivery_controller 4.1.0
f5 arx_firmware *
f5 arx -
citrix netscaler_sdx_firmware *
citrix netscaler_sdx_firmware *
citrix netscaler_sdx_firmware *
citrix netscaler_sdx -
apple mac_os_x *
vmware vcenter_server_appliance 5.0
vmware vcenter_server_appliance 5.0
vmware vcenter_server_appliance 5.0
vmware vcenter_server_appliance 5.1
vmware vcenter_server_appliance 5.1
vmware vcenter_server_appliance 5.1
vmware vcenter_server_appliance 5.5
vmware vcenter_server_appliance 5.5
vmware esx 4.0
vmware esx 4.1


To clipboard 

{
  "cisaActionDue": "2022-07-28",
  "cisaExploitAdd": "2022-01-28",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:bash:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4DBE402-1B0A-4854-ABE5-891321454C25",
              "versionEndIncluding": "4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCA5A28D-79B6-4F3E-9C98-65D4DFAD8EE7",
              "versionEndExcluding": "4.9.12",
              "versionStartIncluding": "4.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B1DC7EF-C994-4252-9DFE-DCA63FB17AE0",
              "versionEndExcluding": "4.10.9",
              "versionStartIncluding": "4.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9056776F-03F6-4C3D-8635-37D66FD16EAA",
              "versionEndExcluding": "4.11.11",
              "versionStartIncluding": "4.11.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFEE6963-F73F-4B71-B4F8-6E550FBDA5F6",
              "versionEndExcluding": "4.12.9",
              "versionStartIncluding": "4.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8296875A-64FA-4592-848A-A923126BD8AF",
              "versionEndExcluding": "4.13.9",
              "versionStartIncluding": "4.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "816A16AF-1F5E-483A-AA89-3022818FAE43",
              "versionEndExcluding": "4.14.4f",
              "versionStartIncluding": "4.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:linux:4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8421899-5D10-4C2B-88AA-3DA909FE3E67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*",
              "matchCriteriaId": "62A2AC02-A933-4E51-810E-5D040B476B7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
              "matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE8B7F1F-22F6-4B10-A6E5-DE44B1D2E649",
              "versionEndExcluding": "4.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:4.1.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "F407EA72-BA1A-41A2-B699-874304A638A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:4.1.1:build_0927:*:*:*:*:*:*",
              "matchCriteriaId": "DDA25903-B334-438B-8196-B9E5119199D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F1E356-E019-47E8-AA5F-702DA93CF74E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F805A106-9A6F-48E7-8582-D3C5A26DFC11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC489F35-07F1-4C3E-80B9-78F0689BC54B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:virtualization:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "95CE35FC-266F-4025-A0B8-FB853C020800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6172AF57-B26D-45F8-BE3A-F75ABDF28F49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6252E88C-27FF-420D-A64A-C34124CF7E6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.9_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5537E1-1E8E-49C5-B4CB-A8E2EE3F5088",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.4_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "804DFF9F-BAA8-4239-835B-6182471A224F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.5_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE496C0-35F7-44DC-B3F0-71EA3A613C38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.3_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "71179893-49F2-433C-A7AC-687075F9CC1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.4_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D4C43D8-02A5-4385-A89E-F265FEEC9E9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.5_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "37ECC029-3D84-4DD7-B28B-E5AD5559CF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.6_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CBED2A-B6B0-420E-BC40-160930D8662E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.7_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "652F7BB0-A6EA-45D0-86D4-49F4CA6C3EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0_ppc:*:*:*:*:*:*:*",
              "matchCriteriaId": "29BBF1AC-F31F-4251-8054-0D89A8E6E990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.9_ppc:*:*:*:*:*:*:*",
              "matchCriteriaId": "C52A4A2F-6385-4E5F-B2C7-0EF7267546F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D8D654F-2442-4EA0-AF89-6AC2CD214772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.4_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8ED0658-5F8F-48F0-A605-A2205DA27DA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BCF87FD-9358-42A5-9917-25DF0180A5A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.5_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "C385DA76-4863-4D39-84D2-9D185D322365",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "188019BF-3700-4B3F-BFA5-553B2B545B7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8B2E32-B838-4E51-BAA2-764089D2A684",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "4319B943-7B19-468D-A160-5895F7F997A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "634C23AC-AC9C-43F4-BED8-1C720816D5E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB6ADFB8-210D-4E46-82A2-1C8705928382",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "92C9F1C4-55B0-426D-BB5E-01372C23AF97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD6D0378-F0F4-4AAA-80AF-8287C790EC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8821E5FE-319D-40AB-A515-D56C1893E6F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "74BCA435-7594-49E8-9BAE-9E02E129B6C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
              "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*",
              "matchCriteriaId": "CED02712-1031-4206-AC4D-E68710F46EC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
              "matchCriteriaId": "35BBD83D-BDC7-4678-BE94-639F59281139",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*",
              "matchCriteriaId": "7F4AF9EC-7C74-40C3-A1BA-82B80C4A7EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
              "matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
              "matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
              "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
              "matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
              "matchCriteriaId": "1831D45A-EE6E-4220-8F8C-248B69520948",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "94C9C346-6DEC-4C72-9F59-BB3BEC42B551",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2071DABB-7102-47F2-A15F-A6C03607D01F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8661E86-E075-427F-8E05-7A33811A3A76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEFCC35D-1C83-4CA5-8B1D-9A637613AD7E",
              "versionEndIncluding": "1.0.0.4",
              "versionStartIncluding": "1.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "054736AF-96E0-491D-B824-CC4A35B76E14",
              "versionEndIncluding": "1.1.0.4",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "575894EE-F13C-4D56-8B63-59A379F63BD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_risk_manager:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E476AEB-AD38-4033-8426-DC502497D75A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C062C89-5DC2-46EE-A9D3-23E7539A5DAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr1:*:*:*:*:*:*",
              "matchCriteriaId": "20981443-6A64-4852-B2CB-3299927C6F78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr2:*:*:*:*:*:*",
              "matchCriteriaId": "59761BB8-FCC7-4D15-88A8-82076CCF196F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "CF399B2E-8413-4B80-A0C0-E61E8A0A8604",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p1:*:*:*:*:*:*",
              "matchCriteriaId": "230EBA53-66AF-432B-B4C1-08D8FC903B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p2:*:*:*:*:*:*",
              "matchCriteriaId": "789F398A-5CB2-48F8-AF8F-05BF0A8E04B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p3:*:*:*:*:*:*",
              "matchCriteriaId": "EF102659-B067-473E-AA37-EA90A82D1864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "81DF915D-D764-4C21-B213-0ADFD844E9DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p1:*:*:*:*:*:*",
              "matchCriteriaId": "C29A4119-A992-4713-85D6-4FDED7CD416A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p10:*:*:*:*:*:*",
              "matchCriteriaId": "4CA59C9D-74C2-4AFC-B1D1-1BC305FD493B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p11:*:*:*:*:*:*",
              "matchCriteriaId": "5720A37E-1DB5-45BA-9FDE-0EAEFE1F2257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p12:*:*:*:*:*:*",
              "matchCriteriaId": "F03006B7-037B-491F-A09F-DEB2FF076754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p13:*:*:*:*:*:*",
              "matchCriteriaId": "FE78AED4-AD60-406C-82E0-BA52701B49BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p2:*:*:*:*:*:*",
              "matchCriteriaId": "3D0B71F0-CCED-4E23-989A-3E9E2D71307C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p3:*:*:*:*:*:*",
              "matchCriteriaId": "5CF8FC22-C556-451C-B928-F5AF8DF4BF45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p4:*:*:*:*:*:*",
              "matchCriteriaId": "081D3B14-45F6-4F96-944B-94D967FEFA26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p5:*:*:*:*:*:*",
              "matchCriteriaId": "DE2C36B5-43F8-401B-B420-1FA5F13A4D6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p6:*:*:*:*:*:*",
              "matchCriteriaId": "D922DC5A-63F6-4188-BCDE-BB987402E47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p7:*:*:*:*:*:*",
              "matchCriteriaId": "BFD5737C-AAE8-4C8D-BCFE-FFDF5DA4221C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p8:*:*:*:*:*:*",
              "matchCriteriaId": "C2BCC22C-A32B-4945-AFBC-777DBE248FB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p9:*:*:*:*:*:*",
              "matchCriteriaId": "92F92890-63B0-4918-A147-8852B6E2FA8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8016ECD3-4417-47A8-9493-C9F9EDF5FAA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "ED0B143A-5386-4375-AEB2-48619B2B1EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p1:*:*:*:*:*:*",
              "matchCriteriaId": "E7ECA734-9E95-484F-B880-2491A0E2531B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p2:*:*:*:*:*:*",
              "matchCriteriaId": "5D7CD9E9-033C-44B8-A68C-47AC260873E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p3:*:*:*:*:*:*",
              "matchCriteriaId": "07B660DC-A94F-48F0-A2F4-1C39CC4751A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "44D355AE-A8C0-4D7B-87FE-5D4138B6BB2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p1:*:*:*:*:*:*",
              "matchCriteriaId": "329C8551-98D1-4255-B598-9E75A071C186",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p2:*:*:*:*:*:*",
              "matchCriteriaId": "FD0687B7-F374-4368-AD9E-041123B23A6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p3:*:*:*:*:*:*",
              "matchCriteriaId": "D0330E77-454E-4E77-9628-50681B748491",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "3863726E-15AD-4A47-85CB-0C9965E76EF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p1:*:*:*:*:*:*",
              "matchCriteriaId": "5C07D9DC-E6C1-4FB0-86F1-144FD51B08CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p2:*:*:*:*:*:*",
              "matchCriteriaId": "3105129C-8FE8-4BF0-8CB9-A7F3F7FE1107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p3:*:*:*:*:*:*",
              "matchCriteriaId": "D1F35447-889F-4CE9-9473-87046B4707EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p4:*:*:*:*:*:*",
              "matchCriteriaId": "A3A5DFC0-BBD7-430C-A026-E1F34E08894D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "141E8F6A-3998-4F22-A717-3F52BC998F97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p1:*:*:*:*:*:*",
              "matchCriteriaId": "F09AA197-BB55-4CF0-AC29-4449C07DE510",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p2:*:*:*:*:*:*",
              "matchCriteriaId": "3E468E33-B183-4830-97E2-EAF9FD3758E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p3:*:*:*:*:*:*",
              "matchCriteriaId": "738C8F2B-3D3E-4E1F-977A-05D3A39F115D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p4:*:*:*:*:*:*",
              "matchCriteriaId": "1ED03E83-909B-423F-81F2-34AB7F24BBE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "9778E8AA-A034-4B04-A42E-6A182378C7DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p1:*:*:*:*:*:*",
              "matchCriteriaId": "AEE15598-4064-4E31-86BA-7851AA4B76C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p2:*:*:*:*:*:*",
              "matchCriteriaId": "59FE3789-FB47-4939-B9AA-86D203445526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p3:*:*:*:*:*:*",
              "matchCriteriaId": "2F96389A-82B9-42DE-8E93-D2B2EE610F7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p4:*:*:*:*:*:*",
              "matchCriteriaId": "3131CDA5-1C4D-489C-8788-FA396F8ADB2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p5:*:*:*:*:*:*",
              "matchCriteriaId": "DCC7DF3E-658C-41D7-A4AC-433440A02092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p6:*:*:*:*:*:*",
              "matchCriteriaId": "EEBB12B8-4EF6-42B9-9D28-A9CA129B0FBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:-:*:*:*:*:*:*",
              "matchCriteriaId": "279C30FB-EA1C-4D1D-A37E-F1EEF79F19F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p1:*:*:*:*:*:*",
              "matchCriteriaId": "D6870C1E-E4A4-4666-89DB-D72C8100D27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p2:*:*:*:*:*:*",
              "matchCriteriaId": "BE183CA0-FFBB-4746-8BBE-5D1910DD2100",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p3:*:*:*:*:*:*",
              "matchCriteriaId": "D04B5EBF-C94C-4A44-9A7E-75623CAF832C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p4:*:*:*:*:*:*",
              "matchCriteriaId": "5723FDF4-198B-488E-B075-F528EC6E4D18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p5:*:*:*:*:*:*",
              "matchCriteriaId": "7E23A972-5BCA-4C7E-B6F9-AD54992861A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p6:*:*:*:*:*:*",
              "matchCriteriaId": "1D00AFC9-8A9C-4BB1-9E60-BC6D552DC8E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:-:*:*:*:*:*:*",
              "matchCriteriaId": "BFE4D0FF-6445-4E14-9536-ADB32662B346",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p1:*:*:*:*:*:*",
              "matchCriteriaId": "C7FC4FDA-1C8D-4D7A-B5EA-D905FA830805",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p2:*:*:*:*:*:*",
              "matchCriteriaId": "753AA0F3-09F4-4E34-8E72-FAFD8BFE18EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p3:*:*:*:*:*:*",
              "matchCriteriaId": "9AC763FD-C143-4CA3-9A24-D50C9ED243D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p4:*:*:*:*:*:*",
              "matchCriteriaId": "299C6CBE-905F-4E59-AF2F-89A1CD767916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p5:*:*:*:*:*:*",
              "matchCriteriaId": "78538461-1B7E-4712-AA8D-D2EA3477635B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p6:*:*:*:*:*:*",
              "matchCriteriaId": "E3FF46F1-EF19-49D7-9EDD-44441C1A3F94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p7:*:*:*:*:*:*",
              "matchCriteriaId": "D9F91FB6-7D8F-4D89-B6BA-2C6DF15B9A51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "5725106C-A650-4C24-9636-1200BD44CCA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p1:*:*:*:*:*:*",
              "matchCriteriaId": "F1501425-96F7-487B-9588-FDA2DAC3790A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p2:*:*:*:*:*:*",
              "matchCriteriaId": "48D95998-9434-4AFF-9983-0D7AC34176A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p3:*:*:*:*:*:*",
              "matchCriteriaId": "D60BB309-860D-4D74-B08F-F94AFE84C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p4:*:*:*:*:*:*",
              "matchCriteriaId": "F63E864E-6323-41B4-956F-51F9364DFAE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "EC724282-7431-465E-8E60-4037121B8838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1:*:*:*:*:*:*",
              "matchCriteriaId": "73151221-C102-4425-9316-1EE4CAAB6531",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p10:*:*:*:*:*:*",
              "matchCriteriaId": "D1E9DDCD-6D22-4175-94EF-D8A5457E7355",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p11:*:*:*:*:*:*",
              "matchCriteriaId": "35AB906F-43CD-4D54-8274-1FD551532E58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p12:*:*:*:*:*:*",
              "matchCriteriaId": "1ADC75F0-B27E-4B15-B829-482FBA0063A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p13:*:*:*:*:*:*",
              "matchCriteriaId": "D015D670-8AEA-49A3-8D22-9E3009322EB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p14:*:*:*:*:*:*",
              "matchCriteriaId": "C18F3CC3-9BCF-4DE8-B7CA-59587D5E61F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p15:*:*:*:*:*:*",
              "matchCriteriaId": "E543BC0F-ADFB-4CF2-BC6C-90DC76BE3A95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p16:*:*:*:*:*:*",
              "matchCriteriaId": "28CE650B-BE03-4EDF-BE27-2FA6657F7A52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2:*:*:*:*:*:*",
              "matchCriteriaId": "2356A4E6-561B-40CA-8348-B30D581B1E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p3:*:*:*:*:*:*",
              "matchCriteriaId": "74509F3F-840E-48B8-88B1-EA4FFB90ACC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p4:*:*:*:*:*:*",
              "matchCriteriaId": "BE7BD528-628F-4CA9-9FE8-8A79BDC97680",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p5:*:*:*:*:*:*",
              "matchCriteriaId": "26118C2B-78CC-4038-9DEA-7A9417029790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p6:*:*:*:*:*:*",
              "matchCriteriaId": "29EBC1DD-6949-4B12-8CA5-EE2BCDB8C4C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p7:*:*:*:*:*:*",
              "matchCriteriaId": "4F445D93-D482-4A74-810D-66D78CBCAFED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p8:*:*:*:*:*:*",
              "matchCriteriaId": "2C9F200C-ECC9-4D51-AFE7-E99C16D09148",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p9:*:*:*:*:*:*",
              "matchCriteriaId": "56B87CB5-0F77-4040-BB58-9DBF5723A4FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4B3321B-11AD-43EB-867C-FA4FA6A5421E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB104CA-55CD-4B9E-A2F7-CC06E57663CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4975223D-9E31-4CEC-A4B6-C0996828B855",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "22E0F4A7-B8BD-42D1-92DB-2B510FFC9C36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C15C820B-4778-4B8F-8BD8-E996F1D4062D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A42E70EE-2E23-4D92-ADE0-9177B9EDD430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "01C91446-4A36-4FCE-A973-3E6F813FABC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p1:*:*:*:*:*:*",
              "matchCriteriaId": "58281E62-E350-4B0D-9322-8BA1E1773CB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p2:*:*:*:*:*:*",
              "matchCriteriaId": "BF1A152E-5795-4319-BD4D-855DE19C744C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p3:*:*:*:*:*:*",
              "matchCriteriaId": "438FCE7F-035A-4D89-96FE-EE5278C85493",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p4:*:*:*:*:*:*",
              "matchCriteriaId": "80900F2C-7CFA-4C40-A6B5-51E12C3DA187",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p5:*:*:*:*:*:*",
              "matchCriteriaId": "DDE9A060-1D4D-46E5-A34F-CC4CFA260D94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p6:*:*:*:*:*:*",
              "matchCriteriaId": "33F900E6-AE47-4789-A337-70C6BEF22895",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p7:*:*:*:*:*:*",
              "matchCriteriaId": "AD2E5054-2151-414D-A88F-6697FF280D41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "3EB09361-372E-4F51-B255-C7D2DB41969F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p1:*:*:*:*:*:*",
              "matchCriteriaId": "A36D6991-3728-4F60-A443-37652DFAA053",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p10:*:*:*:*:*:*",
              "matchCriteriaId": "4142CC4E-9F0D-4017-8D17-D59FBCEB36F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p11:*:*:*:*:*:*",
              "matchCriteriaId": "63C0F7CA-5F3C-41D4-AAD6-084643115D85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p12:*:*:*:*:*:*",
              "matchCriteriaId": "1D16C66D-15BF-4EB8-8D78-DF12A69BD7F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p13:*:*:*:*:*:*",
              "matchCriteriaId": "81C388DC-0941-4D08-8C1C-BD43D9B0DC8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p14:*:*:*:*:*:*",
              "matchCriteriaId": "45CD14D8-665A-46C5-8387-33FF266822A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p15:*:*:*:*:*:*",
              "matchCriteriaId": "D510329D-B39E-4E2B-AAEC-1FDA7869C9E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p16:*:*:*:*:*:*",
              "matchCriteriaId": "4640FE06-4D22-442E-A0E0-76EEFAF6ECB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p17:*:*:*:*:*:*",
              "matchCriteriaId": "6A846C69-CA94-4F5E-9E02-69EA6680549E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p2:*:*:*:*:*:*",
              "matchCriteriaId": "F3E63ECF-25CB-4E7F-BF51-B4D7B3541AE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p3:*:*:*:*:*:*",
              "matchCriteriaId": "FF14DD4F-6779-4B17-AB1B-D4DE58E7E231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p4:*:*:*:*:*:*",
              "matchCriteriaId": "7AAEE176-631A-41B9-BC40-93F866DA9D5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p5:*:*:*:*:*:*",
              "matchCriteriaId": "75C963D5-F2D1-49EE-93B5-CA7FE7EAB98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p6:*:*:*:*:*:*",
              "matchCriteriaId": "9388D932-9818-4A68-9543-B0643166DB2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p7:*:*:*:*:*:*",
              "matchCriteriaId": "770A9287-C910-4690-9402-0C0B7BAC8912",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p8:*:*:*:*:*:*",
              "matchCriteriaId": "3F8AC068-D5AC-4042-8A7C-5B95EA0E85F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p9:*:*:*:*:*:*",
              "matchCriteriaId": "B503F1F7-F439-420D-B465-9A51CCECAB06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27948B08-C452-41FB-B41F-6ADB3AAE087E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AB8FB4C-5BBC-420D-84F0-C8424DC25CD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAF1F14C-DB2C-40A8-B899-C127C7ECC0D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E87FA9CC-D201-430F-8FE6-8C9A88CEAB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_provisioning:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D7F2743-71BB-4011-B919-7E8032B6B72F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:kvm:*:*:*",
              "matchCriteriaId": "3738FAC6-B90B-4014-9E86-17ED6D19D23D",
              "versionEndExcluding": "1.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:openflow:*:*:*",
              "matchCriteriaId": "35B6634E-4F09-423C-87E7-59D4127CC023",
              "versionEndExcluding": "1.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:vmware:*:*:*",
              "matchCriteriaId": "0A7A7100-A1DA-4191-A4C1-D930829A3DC2",
              "versionEndExcluding": "1.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:starter_kit_for_cloud:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "83739ED7-37F1-4712-8C81-E56F58790240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:workload_deployer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CDD227E-1F98-4F73-BB65-3820F39127F0",
              "versionEndIncluding": "3.1.0.7",
              "versionStartIncluding": "3.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CB18F38-AC6A-406A-A4DD-40688B803744",
              "versionEndExcluding": "1.4.3.5",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE781C8-40F7-4F6D-8FED-8EB3071FE9DB",
              "versionEndExcluding": "1.5.0.4",
              "versionStartIncluding": "1.5.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5AB3395-B458-49F8-A8E3-25FF0C1C3BD3",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EC57FAE-AD4D-4C9F-97A4-581C977B5FE4",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "47A17EE0-7D3E-4CD7-984C-BB17BF6F4BFD",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A46CF2-392A-4BB9-B4BF-DE8C5228CAAE",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C4EF774-BD92-444D-9583-25DB97CDA4F3",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8753BBDB-A858-4A51-A8FD-8DF8DF2734A0",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FB9850A-3308-4277-A68C-AD418612101E",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C84D7A48-6745-49D3-AE52-31DD7EEC0D61",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A1A3A3E-5636-4422-9B7B-B3D97989E674",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7384B993-049F-48D7-86D6-FE221C783245",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1DF6129-9CEA-4812-800F-A6FD5095D60E",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79788A89-4152-4B4B-BFF0-518D90EE4D2B",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "680738C5-63D5-4F60-9610-FD0D87FCBBCA",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "872E2102-6BE6-42B6-93B0-942B7DABCBDA",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DACA26CF-7C3F-4215-B032-ED9C5EFD57D8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E31991-DF33-4F00-8430-7B626E8174CE",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2E25BB0-6F5A-4A7B-9147-D4E17014C747",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B80C1675-4948-45DC-B593-EDB1354E42F3",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CE69F8D-5EEE-4BC7-939C-CE71BCD2E11D",
              "versionEndExcluding": "3.8.0.07",
              "versionStartIncluding": "3.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDEC166F-A967-4616-B9EF-503054EFD197",
              "versionEndExcluding": "3.9.1.08",
              "versionStartIncluding": "3.9.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713E71BC-16F5-41E3-9816-74D5E8D8C9A9",
              "versionEndExcluding": "4.1.2.06",
              "versionStartIncluding": "4.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:stn6500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D2487E0-046C-476F-BFF4-EF77D9E856D8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0287F3CD-2151-491D-8BC3-6D3921BE8FFA",
              "versionEndExcluding": "3.8.0.07",
              "versionStartIncluding": "3.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4179899-87B4-42C3-8245-9A34EC04F6A1",
              "versionEndExcluding": "3.9.1.08",
              "versionStartIncluding": "3.9.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8CED766-9742-4037-8005-F0BDDE9176DD",
              "versionEndExcluding": "4.1.2.06",
              "versionStartIncluding": "4.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:stn6800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C41EEAEC-08AE-4478-8977-5A4D7B48C175",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "298C961D-5E5F-4277-B192-A4C29243BECC",
              "versionEndExcluding": "3.8.0.07",
              "versionStartIncluding": "3.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5A76C40-BA90-4FBD-8DFF-4AF8F952963A",
              "versionEndExcluding": "3.9.1.08",
              "versionStartIncluding": "3.9.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0663FBC-01C0-4AD8-A0B8-6097E537D352",
              "versionEndExcluding": "4.1.2.06",
              "versionStartIncluding": "4.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:stn7800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE145DE3-3C9B-4949-B6D4-9B259372CCE0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ABC25E5-76CD-469B-879A-B1F7109D0181",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11:*:*:*:*:*:*:*",
              "matchCriteriaId": "98942F6C-330F-459A-B2B4-72572DB4070E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5A92B0C-7256-45F0-8E0C-ADFEF36CF43D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C0BAB94-6521-4B57-9E56-A57BA5E20C24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A7788E5-93B9-4149-8823-2ACBA5CF17E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:novell:open_enterprise_server:2.0:sp3:*:*:*:linux_kernel:*:*",
              "matchCriteriaId": "B41B4ECD-6F30-46F5-A559-1CEFC7964873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:novell:open_enterprise_server:11.0:sp2:*:*:*:linux_kernel:*:*",
              "matchCriteriaId": "D42ADCD9-1455-401C-B94F-D367A78A2B97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:checkpoint:security_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2853A787-E5F1-4455-9482-7C538B80556C",
              "versionEndExcluding": "r77.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E910D60-1145-4229-9890-80D2D67C3845",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BBEF73-E87D-467F-85EB-47BE212DF0E8",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE23220D-E364-41B7-A440-43B3AA4A716A",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C483253F-841E-4D4E-9B4A-932E9D07268B",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F0E7766-BDB4-42AB-B6CC-6B4E86A10038",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06BA93C0-A7AE-4A8E-BD74-08149A204463",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E0D8F52-0EAD-4E02-A8D8-CBAE2CDC703B",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6D61BF2-69D8-4AD2-85CD-D87F640A6888",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9A06D61-E6CB-4A8A-B06D-9FEA1812C167",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9828CBA5-BB72-46E2-987D-633A5B3E2AFF",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC24B891-6DBA-4C02-B4CF-8D1CA53B4B74",
              "versionEndIncluding": "4.4.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BB0FDAC-C49D-4E63-ACA9-7BAD7C93A5D2",
              "versionEndIncluding": "4.4.0",
              "versionStartIncluding": "4.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AEB1FC5-1179-4DE9-99A2-D650167A7A60",
              "versionEndIncluding": "4.4.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ADD1B04-9F78-40B3-8314-6935277073B0",
              "versionEndIncluding": "2.3.0",
              "versionStartIncluding": "2.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "482E630B-93A1-4B9B-8273-821C116ADC4F",
              "versionEndIncluding": "3.1.1",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1343FBDC-4BF0-403B-B257-96672F092263",
              "versionEndIncluding": "4.0.5",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C138527-73D3-4AEE-BFAB-1D240A585A0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F2EB3D6-EF4C-4241-A31E-3990664004A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F0CD8F8-26CE-43F0-87EB-A08F1D1EDB25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D1168D2-93D5-4415-A666-B4BE0B2AC201",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:f5:arx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48A2FBA9-207F-4F16-932D-BF0BA3440503",
              "versionEndIncluding": "6.4.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:f5:arx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C6AC80F-9D91-468D-BEE3-6A0759723673",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF1DB4B7-AFCC-4D56-95BA-C66AB7A36680",
              "versionEndExcluding": "9.3.67.5r1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "665EF643-3CDC-4518-9693-0D49F0870283",
              "versionEndExcluding": "10.1.129.11r1",
              "versionStartIncluding": "10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAE3CC45-49E5-40DE-B5C3-52A754A9C599",
              "versionEndExcluding": "10.5.52.11r1",
              "versionStartIncluding": "10.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:citrix:netscaler_sdx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8968E39A-1E16-4B7F-A16A-190EBC20D04F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "864B5480-704F-4636-A938-7D95AD4223AD",
              "versionEndExcluding": "10.10.0",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35D34345-0AD1-499C-9A74-982B2D3F305A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "3DF3F07E-6F4E-4B97-B313-7DA3E8A88451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "5C98B0EA-7A52-4BDF-90C2-38797FC2B75A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FECF06B5-3915-48F0-A140-41C7A27EE99D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "BBD8B161-0A07-492F-89E4-7A0BD02F6464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "F3E8E0E1-FF63-425D-8C22-86B16CFB7B1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:-:*:*:*:*:*:*",
              "matchCriteriaId": "29DF8DD7-B5CC-4152-A726-1D48459068D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "DB2E2AAD-E221-4227-A41B-DC01BFDFCD6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\"  NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix."
    },
    {
      "lang": "es",
      "value": "GNU Bash hasta la versi\u00f3n 4.3 procesa cadenas finales despu\u00e9s de las definiciones de funciones en los valores de variables de entorno, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un entorno manipulado, tal como se ha demostrado por vectores que involucran la caracter\u00edstica ForceCommand en sshd OpenSSH, los m\u00f3dulos mod_cgi y mod_cgid en el Apache HTTP Server, scripts ejecutados por clientes DHCP no especificados, y otras situaciones en las cuales el ajuste de entorno ocurre a trav\u00e9s de un l\u00edmite privilegiado de la ejecuci\u00f3n de Bash, tambi\u00e9n conocido como \"ShellShock.\" NOTA: la reparaci\u00f3n original para este problema era incorrecta; CVE-2014-7169 ha sido asignada para cubrir la vulnerabilidad que todav\u00eda est\u00e1 presente despu\u00e9s de la soluci\u00f3n incorrecta."
    }
  ],
  "id": "CVE-2014-6271",
  "lastModified": "2025-01-06T19:36:17.117",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2014-09-24T18:48:04.477",
  "references": [
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://advisories.mageia.org/MGASA-2014-0388.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/58200"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59272"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59737"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59907"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60024"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60034"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60044"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60055"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60063"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60193"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60325"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60433"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60947"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61065"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61128"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61129"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61188"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61283"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61287"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61291"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61312"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61313"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61328"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61442"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61471"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61485"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61503"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61542"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61547"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61550"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61552"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61565"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61603"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61633"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61641"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61643"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61654"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61676"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61700"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61703"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61711"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61715"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61780"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61816"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61855"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61857"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61873"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/62228"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/62312"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/62343"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6495"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-3032"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/252743"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/70103"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2362-1"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/articles/1200223"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/node/1200223"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/kb/HT6535"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.citrix.com/article/CTX200217"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Permissions Required"
      ],
      "url": "https://support.citrix.com/article/CTX200223"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/34879/"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/37816/"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/38849/"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/39918/"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/40619/"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/40938/"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/42938/"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.suse.com/support/shellshock/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://advisories.mageia.org/MGASA-2014-0388.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-1293.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-1294.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142719845423222\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1293.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1294.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1295.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/58200"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59272"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59737"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59907"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60024"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60055"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60063"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60193"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60325"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60433"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/60947"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61128"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61188"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61287"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61442"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61485"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61503"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61542"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61547"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61550"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61552"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61565"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61603"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61633"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61641"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61643"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61654"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61676"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61700"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61703"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61711"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61715"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61816"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61855"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/61873"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/62228"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/62312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/62343"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.novell.com/security/cve/CVE-2014-6271.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-3032"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/252743"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/70103"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2362-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/articles/1200223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/node/1200223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141597"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/kb/HT6535"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.citrix.com/article/CTX200217"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "https://support.citrix.com/article/CTX200223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/34879/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/37816/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/38849/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/39918/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/40619/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/40938/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/42938/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.suse.com/support/shellshock/"
    }
  ],
  "sourceIdentifier": "security@debian.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-10-27 14:29
Modified
2024-11-21 03:29
Severity ?
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams beyond the advertised limit can cause a disruption of service. Remote client initiating stream beyond the advertised limit can cause a disruption of service. The Traffic Management Microkernel (TMM) data plane is exposed to this issue; the control plane is not exposed.
References
f5sirt@f5.comhttp://www.securityfocus.com/bid/101606Third Party Advisory, VDB Entry
f5sirt@f5.comhttp://www.securitytracker.com/id/1039671Third Party Advisory, VDB Entry
f5sirt@f5.comhttps://support.f5.com/csp/article/K22541983Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/101606Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039671Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K22541983Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 11.6.1
f5 big-ip_local_traffic_manager 12.0.0
f5 big-ip_local_traffic_manager 12.1.0
f5 big-ip_local_traffic_manager 12.1.1
f5 big-ip_local_traffic_manager 12.1.2
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_acceleration_manager 11.6.1
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_application_acceleration_manager 12.1.0
f5 big-ip_application_acceleration_manager 12.1.1
f5 big-ip_application_acceleration_manager 12.1.2
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_advanced_firewall_manager 11.6.1
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_advanced_firewall_manager 12.1.0
f5 big-ip_advanced_firewall_manager 12.1.1
f5 big-ip_advanced_firewall_manager 12.1.2
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 11.6.1
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_access_policy_manager 12.1.0
f5 big-ip_access_policy_manager 12.1.1
f5 big-ip_access_policy_manager 12.1.2
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_security_manager 11.6.1
f5 big-ip_application_security_manager 12.0.0
f5 big-ip_application_security_manager 12.1.0
f5 big-ip_application_security_manager 12.1.1
f5 big-ip_application_security_manager 12.1.2
f5 big-ip_link_controller *
f5 big-ip_link_controller 11.6.0
f5 big-ip_link_controller 11.6.1
f5 big-ip_link_controller 12.0.0
f5 big-ip_link_controller 12.1.0
f5 big-ip_link_controller 12.1.1
f5 big-ip_link_controller 12.1.2
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_policy_enforcement_manager 11.6.1
f5 big-ip_policy_enforcement_manager 12.0.0
f5 big-ip_policy_enforcement_manager 12.1.0
f5 big-ip_policy_enforcement_manager 12.1.1
f5 big-ip_policy_enforcement_manager 12.1.2
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module 11.6.0
f5 big-ip_protocol_security_module 11.6.1
f5 big-ip_protocol_security_module 12.0.0
f5 big-ip_protocol_security_module 12.1.0
f5 big-ip_protocol_security_module 12.1.1
f5 big-ip_protocol_security_module 12.1.2


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D5E66B-9666-4B6D-BB8B-B640188968E9",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82C7B1C-E195-4D94-B604-78FB464C4F81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F6C3144-D0DE-4248-BFCD-04A7E6104044",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0357B5ED-0600-4756-93E5-692987068596",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBBAEB39-4C78-483E-B60D-CE3607C65389",
              "versionEndIncluding": "11.5.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BE0210-7058-462A-BA17-845D3E4F52FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECA90FB8-E2CD-400F-B753-1B482E7FAC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FEC804B-35DB-4A0C-9AEA-15527E0CC1B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEB228A9-0C01-4531-B2B2-38BB7B0E02E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "26066159-46E1-4D70-A03A-EB9A167ABC92",
              "versionEndIncluding": "11.5.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBAB92C5-2D50-49CC-AECA-0D16BC44A788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC827031-CA39-4081-8CE0-30EAC78DF756",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7569903B-3A15-4A10-863B-6828337DD268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "45825991-D17D-42F1-87B4-7DF86B098B45",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ADD8BEA-9FFF-467F-92E9-C855B439936E",
              "versionEndIncluding": "11.5.4",
              "versionStartIncluding": "11.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2044C-AC6F-4145-B1A0-8EB26DCF1F8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FC866D4-CE8C-4408-AD1E-8643AC554CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7563D979-BE37-4251-B92E-0DBDBE53F3FF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E722C9E-034C-4905-8C6F-48DB78DEFCE0",
              "versionEndIncluding": "11.5.4",
              "versionStartIncluding": "11.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB2118A-0F9C-4273-BB07-85FEA32C785B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8541C9EF-69A8-4641-B173-3BCE0EDD20A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E24A3C71-0075-4738-B114-267337D050CD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BA07A5E-D649-4725-9E2B-5BF496296151",
              "versionEndIncluding": "11.5.4",
              "versionStartIncluding": "11.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C641B4F-DCFF-4A1B-9E00-EDF18A270241",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBBB6E7C-DA1A-479F-9DD2-DE0C3CA82E92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4913B437-33FF-4B5E-A855-9DA00B35E3B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDCFE65B-340B-4F7D-93A1-4390BBC8E67F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A89726B-93EB-4F49-B395-017CA90F1399",
              "versionEndIncluding": "11.5.4",
              "versionStartIncluding": "11.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1EA4F45-35F7-4687-8D1A-A5ACD846500A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "64273A2C-E5A1-4605-92DD-EBECC7F051D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E60CA151-1C3A-45B3-B939-E6F80063C595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "58BAD5A9-9C67-4056-9344-07C8C42C8E88",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D95A60B-FD05-4701-A2F8-CA675416A41D",
              "versionEndIncluding": "11.5.4",
              "versionStartExcluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A04AE2-1877-49DC-ACF2-FE741CBF9A60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B012CDE-BE1C-4F32-8500-B9E221CC53D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E717BBE7-F15A-4B41-BEF8-43FC5E9F4E0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8574970-8827-4332-93AA-791AC582294E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E608782B-6330-4B14-8E40-4C906E9D6909",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FBDC10C-6594-4554-ABF8-A5F6B7576676",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams beyond the advertised limit can cause a disruption of service. Remote client initiating stream beyond the advertised limit can cause a disruption of service. The Traffic Management Microkernel (TMM) data plane is exposed to this issue; the control plane is not exposed."
    },
    {
      "lang": "es",
      "value": "En F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM en versiones de software de la 12.0.0 a la 12.1.2, de la 11.6.0 a la 11.6.1 y de la 11.4.0 a la 11.5.4, cuando un servidor virtual utiliza la configuraci\u00f3n est\u00e1ndar de los perfiles SPDY o HTTP/2 con un perfil Client SSL y el cliente inicia un n\u00famero de transmisiones concurrentes superior al l\u00edmite establecido, se puede provocar una interrupci\u00f3n del servicio. El cliente remoto que inicia una transmisi\u00f3n m\u00e1s all\u00e1 del l\u00edmite establecido puede provocar una interrupci\u00f3n del servicio. El plano de datos del TMM (Traffic Management Kernel) est\u00e1 expuesto a este problema. El plano de control no est\u00e1 expuesto."
    }
  ],
  "id": "CVE-2017-6163",
  "lastModified": "2024-11-21T03:29:10.570",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-10-27T14:29:00.483",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101606"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039671"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K22541983"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101606"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039671"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K22541983"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-03-19 21:29
Modified
2024-11-21 02:09
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer (SSL) accelerator cards, might allow remote attackers to have unspecified impact via a timing side-channel attack.
References
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/95834Third Party Advisory, VDB Entry
cve@mitre.orghttps://support.f5.com/csp/article/K15500Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/95834Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K15500Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_analytics *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_wan_optimization_manager *
f5 big-ip_wan_optimization_manager *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6D61BF2-69D8-4AD2-85CD-D87F640A6888",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C483253F-841E-4D4E-9B4A-932E9D07268B",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BBEF73-E87D-467F-85EB-47BE212DF0E8",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE23220D-E364-41B7-A440-43B3AA4A716A",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E910D60-1145-4229-9890-80D2D67C3845",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F0E7766-BDB4-42AB-B6CC-6B4E86A10038",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06BA93C0-A7AE-4A8E-BD74-08149A204463",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E0D8F52-0EAD-4E02-A8D8-CBAE2CDC703B",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9A06D61-E6CB-4A8A-B06D-9FEA1812C167",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9828CBA5-BB72-46E2-987D-633A5B3E2AFF",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer (SSL) accelerator cards, might allow remote attackers to have unspecified impact via a timing side-channel attack."
    },
    {
      "lang": "es",
      "value": "Los servidores virtuales SSL en sistemas F5 BIG-IP, en versiones 10.x anteriores a la 10.2.4 HF9, versiones 11.x anteriores a la 11.2.1 HF12, versiones 11.3.0 anteriores a la HF10, versiones 11.4.0 anteriores a la HF8, versiones 11.4.1 anteriores a la HF5, versiones 11.5.0 anteriores a la HF5 y versiones 11.5.1 anteriores a la HF5, al emplearse con tarjetas de aceleraci\u00f3n SSL (Secure Sockets Layer) de terceros, podr\u00edan permitir que atacantes remotos provoquen un impacto sin especificar mediante un ataque de sincronizaci\u00f3n de canal lateral."
    }
  ],
  "id": "CVE-2014-4024",
  "lastModified": "2024-11-21T02:09:21.760",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-03-19T21:29:00.737",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95834"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K15500"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95834"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K15500"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-10-31 14:29
Modified
2024-11-21 03:50
Severity ?
4.9 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Summary
When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.1.0-2.3.0, or Enterprise Manager 3.1.1 is licensed for Appliance Mode, Admin and Resource administrator roles can by-pass BIG-IP Appliance Mode restrictions to overwrite critical system files. Attackers of high privilege level are able to overwrite critical system files which bypasses security controls in place to limit TMSH commands. This is possible with an administrator or resource administrator roles when granted TMSH. Resource administrator roles must have TMSH access in order to perform this attack.
References
f5sirt@f5.comhttps://support.f5.com/csp/article/K01067037Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K01067037Mitigation, Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 enterprise_manager 3.1.1
f5 big-iq_centralized_management *
f5 big-iq_centralized_management 4.6.0
f5 big-iq_cloud_and_orchestration 1.0.0
f5 iworkflow *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0740491-CFC6-4D53-A39F-3244710282D0",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F9094D4-087E-45D8-AD7B-A2FA1BF1E2F8",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D746D9C6-28DE-4170-9F08-16C58F160752",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFECB54D-C240-495E-A97B-6694BB992C9D",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "88880F08-386C-4BC3-952D-DD1665D8B1EB",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41D7E35D-EAC4-4D00-BB52-19414EEDD286",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8478F27-F451-4C94-9D45-9FCF30B6EB84",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6F24FC1-B549-48F9-AF0E-AB441E5EE4B4",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C47559FB-EC85-4A3A-B967-0BD37934B33D",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40C7F0AE-F55C-42D9-A6EF-1A0D53FFD4DE",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F63A24-36A9-4C90-B73B-131A5658C4C1",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE608E62-F3E2-405C-8239-760A7C1E1527",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3EDF519-7610-4223-BBD7-B75438ACD8B2",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "39C62474-8F2E-4394-8B9E-FB06F8CE95C4",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA46825-0425-4C7D-B846-05E6D4081F51",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05456A39-5301-421B-853A-4651E1B13DE8",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1C0F266-7321-4BBC-B5C6-8D25DCC1715F",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F51999-6742-445C-936B-C2873C5F27CB",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A537300-3211-4136-89C7-B99AD4F13B8C",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F921FE3-B481-4552-AE7C-FEE05DB6D301",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28DE49F7-E999-4D3F-8767-A2C3615DF780",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21A5DC79-66A0-4195-9A19-42FD2B5D7941",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "897F4A4D-D2E2-4171-8ECA-7E981034DE16",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F95F43-BF52-423E-9B1A-55D6B7262A57",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC852AA9-7C30-44D8-A964-07DF817A4FF2",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ABCEA29-0EDF-4D41-BB61-F2C293A5A2E2",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB32AD06-69AF-4289-B854-ED9141E76582",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "31C5842B-0261-4CDB-888E-329FF7D73108",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B73F018-4FAD-48B3-9806-FC827787E323",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D11EBE7-741F-4585-962F-99EAA29C1F0E",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "55366FD7-D7BA-4D36-AC5D-1B822940842F",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63E2912-58B9-4541-8E5D-993F73AB74F1",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC818DB1-C85A-47A3-ABE2-0FFCD7AC3E40",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11876D9C-0082-454A-8254-B5FD74E87719",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C050740-2FD3-474D-A09A-C122F031342F",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C21FA11D-0C58-4DF7-85E0-5E8E7B1F14A8",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB7193B-3BEF-4920-9893-FF196E785850",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2680D4AD-CCD0-4964-8D8F-CF1FCDA2BEC3",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FC80682-E373-4508-A297-EA19BF62BABA",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42E368FA-5A85-428E-B63D-FD027CD46E8E",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E5B875A-ACFE-4C98-B6C4-5A6262C09E23",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A00660C1-7A1C-42CF-A829-503DC2EC08E0",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EBEBCB3-AF9E-4049-980D-E87B756D6D51",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34EC5593-4293-4D2A-A110-25D371F3E281",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ED25E87-39BC-4D15-B37A-FCBE97F7D3D2",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49F45207-07ED-4DF8-ABDA-4AD3E9CA26D1",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B885F0E9-8019-4053-AAAA-2C136D55FB71",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6217D65D-B15B-426B-8692-BA461BB57663",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "56181224-56D4-43BE-A296-52DF599A2BD5",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D43A55D-E9D4-45A3-8B41-B4B22BE4A536",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D655B3FF-5173-4850-B94C-B864E2115D95",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "91F78D2C-DC7C-4B1C-AB44-3CB810240D42",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6355263D-8407-466D-BB71-CB6316EDC668",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9479031-90AA-4C1D-B14C-CDFFBC99CCDE",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "559900D6-7E43-4D2F-9167-BDB04DD5D0DB",
              "versionEndIncluding": "5.4.0",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:iworkflow:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "592FAA61-E5DE-4619-8B55-3BFE260CEEA8",
              "versionEndIncluding": "2.3.0",
              "versionStartIncluding": "2.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.1.0-2.3.0, or Enterprise Manager 3.1.1 is licensed for Appliance Mode, Admin and Resource administrator roles can by-pass BIG-IP Appliance Mode restrictions to overwrite critical system files. Attackers of high privilege level are able to overwrite critical system files which bypasses security controls in place to limit TMSH commands. This is possible with an administrator or resource administrator roles when granted TMSH. Resource administrator roles must have TMSH access in order to perform this attack."
    },
    {
      "lang": "es",
      "value": "Cuando BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2 o 11.2.1-11.5.6; BIG-IQ Centralized Management 5.0.0-5.4.0 o 4.6.0; BIG-IQ Cloud and Orchestration 1.0.0; iWorkflow 2.1.0-2.3.0 o Enterprise Manager 3.1.1 est\u00e1 licenciado para el modo Appliance, los roles de administrador Admin y Resource pueden omitir las restricciones del modo Appliance de BIG-IP para sobrescribir archivos cr\u00edticos del sistema. Los atacantes con nivel alto de privilegios pueden sobrescribir archivos cr\u00edticos del sistema, lo que omite los controles de seguridad existentes para limitar los comandos TMSH. Esto es posible con roles de administrador o administrador de recursos cuando se otorga TMSH. Los roles de administrador de recursos deben tener acceso TMSH para realizar este ataque."
    }
  ],
  "id": "CVE-2018-15321",
  "lastModified": "2024-11-21T03:50:33.440",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-31T14:29:00.470",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K01067037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K01067037"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2014-05-07 10:55
Modified
2024-12-19 18:45
Severity ?
Summary
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.
References
secalert@redhat.comhttp://bugzilla.novell.com/show_bug.cgi?id=875690Issue Tracking, Permissions Required, Third Party Advisory
secalert@redhat.comhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00Broken Link
secalert@redhat.comhttp://linux.oracle.com/errata/ELSA-2014-0771.htmlThird Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.htmlMailing List, Third Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.htmlMailing List, Third Party Advisory
secalert@redhat.comhttp://pastebin.com/raw.php?i=yTSFUBgZExploit, Mailing List, Third Party Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2014-0512.htmlThird Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/59218Not Applicable
secalert@redhat.comhttp://secunia.com/advisories/59262Broken Link
secalert@redhat.comhttp://secunia.com/advisories/59599Broken Link
secalert@redhat.comhttp://source.android.com/security/bulletin/2016-07-01.htmlNot Applicable
secalert@redhat.comhttp://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.htmlThird Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2014/dsa-2926Third Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2014/dsa-2928Third Party Advisory
secalert@redhat.comhttp://www.exploit-db.com/exploits/33516Exploit, Third Party Advisory, VDB Entry
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2014/05/05/6Mailing List, Third Party Advisory
secalert@redhat.comhttp://www.osvdb.org/106646Broken Link
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2196-1Third Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2197-1Third Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2198-1Third Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2199-1Third Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2200-1Third Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2201-1Third Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2202-1Third Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2203-1Third Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2204-1Third Party Advisory
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=1094232Issue Tracking, Patch, Third Party Advisory
secalert@redhat.comhttps://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00Exploit, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://bugzilla.novell.com/show_bug.cgi?id=875690Issue Tracking, Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00Broken Link
af854a3a-2127-422b-91ae-364da2661108http://linux.oracle.com/errata/ELSA-2014-0771.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://pastebin.com/raw.php?i=yTSFUBgZExploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-0512.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59218Not Applicable
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59262Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59599Broken Link
af854a3a-2127-422b-91ae-364da2661108http://source.android.com/security/bulletin/2016-07-01.htmlNot Applicable
af854a3a-2127-422b-91ae-364da2661108http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2014/dsa-2926Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2014/dsa-2928Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.exploit-db.com/exploits/33516Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2014/05/05/6Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/106646Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2196-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2197-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2198-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2199-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2200-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2201-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2202-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2203-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2204-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=1094232Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00Exploit, Patch, Third Party Advisory
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel 2.6.31
linux linux_kernel 2.6.31
linux linux_kernel 2.6.31
linux linux_kernel 2.6.31
linux linux_kernel 2.6.31
linux linux_kernel 2.6.31
linux linux_kernel 2.6.31
linux linux_kernel 2.6.31
debian debian_linux 6.0
debian debian_linux 7.0
redhat enterprise_linux 6.0
redhat enterprise_linux_eus 6.3
redhat enterprise_linux_eus 6.4
redhat enterprise_linux_server_eus 6.3
suse suse_linux_enterprise_desktop 11
suse suse_linux_enterprise_high_availability_extension 11
suse suse_linux_enterprise_server 11
suse suse_linux_enterprise_server 11
oracle linux 6
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
canonical ubuntu_linux 12.10
canonical ubuntu_linux 13.10
canonical ubuntu_linux 14.04
f5 big-ip_access_policy_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_analytics *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_security_manager *
f5 big-ip_edge_gateway *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_local_traffic_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_protocol_security_module *
f5 big-ip_wan_optimization_manager *
f5 big-ip_webaccelerator *
f5 big-iq_application_delivery_controller 4.5.0
f5 big-iq_centralized_management 4.6.0
f5 big-iq_cloud *
f5 big-iq_cloud_and_orchestration 1.0.0
f5 big-iq_device *
f5 big-iq_security *
f5 enterprise_manager 3.1.0
f5 enterprise_manager 3.1.1


To clipboard 

{
  "cisaActionDue": "2023-06-02",
  "cisaExploitAdd": "2023-05-12",
  "cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.",
  "cisaVulnerabilityName": "Linux Kernel Race Condition Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFDB0B31-FFF7-471B-9352-29099002BED7",
              "versionEndExcluding": "3.2.59",
              "versionStartExcluding": "2.6.31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "992BFD6A-701C-4412-9220-F6C77B4E64F3",
              "versionEndExcluding": "3.4.91",
              "versionStartIncluding": "3.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "287DC65B-A513-4FB9-A1CF-69F428030DF8",
              "versionEndExcluding": "3.10.40",
              "versionStartIncluding": "3.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D82F8C94-5FA7-4A7A-8855-ECF21B3BBD42",
              "versionEndExcluding": "3.12.20",
              "versionStartIncluding": "3.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9996644C-371E-49B9-A494-733B1EA513EC",
              "versionEndExcluding": "3.14.4",
              "versionStartIncluding": "3.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:-:*:*:*:*:*:*",
              "matchCriteriaId": "2887290A-1B43-4DB9-A9D0-B0B56CD78E48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "A2507858-675B-4DA2-A49E-00DB54700CF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "0A25EA55-3F1C-440C-A383-0BB9556C9508",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "B2665356-4EF5-4543-AD15-67FDB851DCCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "26E7609B-B058-496D-ACDD-7F69FBDE89E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc7:*:*:*:*:*:*",
              "matchCriteriaId": "210BF049-8B3C-4ACC-BF8E-2C3551477602",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc8:*:*:*:*:*:*",
              "matchCriteriaId": "1837F32C-80D3-4E10-AE5D-E9F5A11A434E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc9:*:*:*:*:*:*",
              "matchCriteriaId": "4B4E132B-A69A-4CD1-B4D9-E17C4361A3AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8382A145-CDD9-437E-9DE7-A349956778B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "413CC30E-5FFE-47A4-B38B-80E3A9B13238",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:-:*:*",
              "matchCriteriaId": "DD41513F-36F9-459C-A0CB-26C025E63CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "B39F3060-6F9E-4F20-8924-FEF5ED8A30CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*",
              "matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
              "matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
              "matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F315708-017C-4362-9C09-6774F89D9370",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BBEF73-E87D-467F-85EB-47BE212DF0E8",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A430FFB4-418C-43DA-8E17-020618A77A56",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C483253F-841E-4D4E-9B4A-932E9D07268B",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A0CC74C-6914-4A6F-A1CE-65A695AE31F6",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FF30167-0241-4136-82F8-2D2FB545C19A",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54A45725-FECD-4CA9-BFA4-E13FCDFDDF13",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C596B3F-9D93-49D2-99D7-D590CC9AEAA5",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8696A6B-1B56-43B5-A506-21E17735B9CA",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9A06D61-E6CB-4A8A-B06D-9FEA1812C167",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C666A18-9DED-4B49-92DE-474403FC17BF",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6B52D60-38DB-4BE9-91F4-B6553F5E5A93",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1E3204F-9464-4AC3-819B-D1A6B399FAE3",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C580F19-AF18-49EE-89FF-8C4F5C88314D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the \"LECHO \u0026 !OPOST\" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n n_tty_write en drivers/tty/n_tty.c en el kernel de Linux hasta 3.14.3 no maneja debidamente acceso al controlador tty en el caso \u0027LECHO \u0026 !OPOST\u0027, lo que permite a usuarios locales causar una denegaci\u00f3n de servicio (consumo de memoria y ca\u00edda de sistema) o ganar privilegios mediante la provocaci\u00f3n de una condici\u00f3n de carrera involucrando operaciones de lectura y escritura con cadenas largas."
    }
  ],
  "id": "CVE-2014-0196",
  "lastModified": "2024-12-19T18:45:22.253",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-05-07T10:55:04.337",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://pastebin.com/raw.php?i=yTSFUBgZ"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/59218"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59262"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59599"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://source.android.com/security/bulletin/2016-07-01.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-2926"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-2928"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.exploit-db.com/exploits/33516"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/106646"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2196-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2197-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2198-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2199-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2200-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2201-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2202-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2203-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2204-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://pastebin.com/raw.php?i=yTSFUBgZ"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/59218"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59262"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59599"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://source.android.com/security/bulletin/2016-07-01.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-2926"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-2928"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.exploit-db.com/exploits/33516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/106646"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2196-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2197-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2198-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2199-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2200-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2201-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2202-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2203-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2204-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-362"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-10-31 14:29
Modified
2024-11-21 03:50
Severity ?
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Summary
In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, iControl and TMSH usage by authenticated users may leak a small amount of memory when executing commands
References
f5sirt@f5.comhttps://support.f5.com/csp/article/K77313277Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K77313277Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B189FA9C-D989-460B-85AC-FD39F8E0259E",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A53D2261-716A-46D4-B1A4-1C1D84F6AF94",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11719D56-D88C-4970-B89E-376D6883857B",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93B1A472-EA29-4D4E-A27E-F40B0457DE39",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E55CC546-E22D-4DD3-B0A6-9C4BC65E0951",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE41473-F2DF-4FA8-B208-2A546DE49CA2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC852AA9-7C30-44D8-A964-07DF817A4FF2",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "734B216E-67CD-44B3-AA47-2D86BF2D68CF",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D11EBE7-741F-4585-962F-99EAA29C1F0E",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "018D35E1-B5D0-456E-9348-79E6CD0560E2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C762BE7-29D5-47B2-B3A3-8AD9646417B6",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CFDA5A2-FDB6-4F7A-ADC1-A1016639FCDC",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6010CA3B-B5AB-4C6B-93A9-A148207224B2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0A2FCB-564D-4530-B642-624B6A4F1A22",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A5F5C3E-C71C-4FBF-A2F4-68CEC90097DA",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, iControl and TMSH usage by authenticated users may leak a small amount of memory when executing commands"
    },
    {
      "lang": "es",
      "value": "En BIG-IP 14.0.0-14.0.0.2 o 13.0.0-13.1.1.1, el uso de iControl y TMSH por parte de usuarios podr\u00eda filtrar una peque\u00f1a cantidad de memoria al ejecutar comandos."
    }
  ],
  "id": "CVE-2018-15325",
  "lastModified": "2024-11-21T03:50:33.993",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-31T14:29:00.673",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K77313277"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K77313277"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2015-09-17 16:59
Modified
2024-11-21 02:30
Severity ?
Summary
Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors.
References
cve@mitre.orghttp://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html
cve@mitre.orghttp://www.securitytracker.com/id/1033532
cve@mitre.orghttp://www.securitytracker.com/id/1033533
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033532
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033533
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 enterprise_manager 3.0.0
f5 enterprise_manager 3.1.0
f5 enterprise_manager 3.1.1
f5 big-ip_access_policy_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_analytics *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_security_manager *
f5 big-ip_edge_gateway *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_local_traffic_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_protocol_security_module *
f5 big-ip_wan_optimization_manager *
f5 big-ip_webaccelerator *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "125C8A19-4F51-42DD-BA11-F299721EFBB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C580F19-AF18-49EE-89FF-8C4F5C88314D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EC5258F-B53C-4E2B-A5C0-9AEF63675BB5",
              "versionEndIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9CB99A3-6DE4-4227-9D89-E05F10AC2880",
              "versionEndIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5049073B-7754-4A47-A206-08B46456953A",
              "versionEndIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F4ACC44-64A6-46AF-B982-9A65B5DE1695",
              "versionEndIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B132488-A1D7-4D67-BD09-0BDDE0236D5D",
              "versionEndIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3F866FB-373B-4B82-8F79-F2C7C12D4E34",
              "versionEndIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1C8CDD7-23A3-4618-813C-AFC2C02900FB",
              "versionEndIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "218A281D-80BE-45F3-822A-889E826175C6",
              "versionEndIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27649D21-B5C6-4354-8455-B4A4D07AE172",
              "versionEndIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "03AC76ED-6E8A-4947-AFF7-733DF6A0DF0D",
              "versionEndIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "652B5211-04DE-4D41-813F-C086D0862FF3",
              "versionEndIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "719843BE-0895-4693-8553-C173054D1FCD",
              "versionEndIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AC03DE9-20CB-42AE-95D0-C1C4AD61ECE3",
              "versionEndIncluding": "11.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de salto de directorio en la utilidad de configuraci\u00f3n en F5 BIG-IP en versiones anteriores a 12.0.0 y Enterprise Manager 3.0.0 hasta la versi\u00f3n 3.1.1, permite a usuarios remotos autenticados acceder a archivos arbitrarios en la ra\u00edz web a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2015-4040",
  "lastModified": "2024-11-21T02:30:20.130",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-09-17T16:59:01.527",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1033532"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1033533"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1033532"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1033533"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-10-08 19:29
Modified
2024-11-21 02:58
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or 11.4.0-11.5.4 HF1, the Traffic Management Microkernel (TMM) may not properly clean-up pool member network connections when using SPDY or HTTP/2 virtual server profiles.
References
f5sirt@f5.comhttps://support.f5.com/csp/article/K01587042Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K01587042Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_protocol_security_module *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C3B366-AF0B-4E51-A0BF-0DEAA6BB1FC8",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0E55BE9-4DF7-46A9-B09A-9FF52793867C",
              "versionEndIncluding": "12.1.0",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF427C23-997D-40E5-8F6B-4436E492A832",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67A85107-2BDD-407E-B4FF-1919628C8A90",
              "versionEndIncluding": "12.1.0",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70FB5FD7-4B96-438C-AAD3-D2E128DAA8BF",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7444353D-CF4E-4DBF-BAD2-46B31D2B4683",
              "versionEndIncluding": "12.1.0",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "642287A2-768E-4660-A81D-C8318FF3119F",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "22B0145B-3B57-4065-8314-451D9FD25392",
              "versionEndIncluding": "12.1.0",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D090B200-536B-4FF1-A9FF-0FC9D6211265",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B004EB-A0FE-4057-9538-F0A31CADD627",
              "versionEndIncluding": "12.1.0",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "190C4DB7-D5A4-40BF-9066-84BFA854BDBE",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54E61790-D48E-4D3E-A1E0-69FAA8FB4003",
              "versionEndIncluding": "12.1.0",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC4EA1F5-3720-41BE-AFBA-C4D99F131EE1",
              "versionEndIncluding": "11.6.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "129AC7BA-C420-4638-9EEF-84D24E30DD05",
              "versionEndIncluding": "12.1.0",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "041CE71A-50D1-44E6-B683-CD7F89C51893",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or 11.4.0-11.5.4 HF1, the Traffic Management Microkernel (TMM) may not properly clean-up pool member network connections when using SPDY or HTTP/2 virtual server profiles."
    },
    {
      "lang": "es",
      "value": "En algunas circunstancias en BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1 o 11.4.0-11.5.4 HF1, Traffic Management Microkernel (TMM) podr\u00eda no limpiar correctamente las conexiones de red de miembros del grupo al emplear los perfiles del servidor virtual SPDY o HTTP/2."
    }
  ],
  "id": "CVE-2016-7475",
  "lastModified": "2024-11-21T02:58:04.480",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-08T19:29:00.307",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K01587042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K01587042"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-10-31 14:29
Modified
2024-11-21 03:50
Severity ?
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, in certain circumstances, when processing traffic through a Virtual Server with an associated MQTT profile, the TMM process may produce a core file and take the configured HA action.
References
f5sirt@f5.comhttps://support.f5.com/csp/article/K26583415Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K26583415Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B189FA9C-D989-460B-85AC-FD39F8E0259E",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A53D2261-716A-46D4-B1A4-1C1D84F6AF94",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11719D56-D88C-4970-B89E-376D6883857B",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93B1A472-EA29-4D4E-A27E-F40B0457DE39",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E55CC546-E22D-4DD3-B0A6-9C4BC65E0951",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE41473-F2DF-4FA8-B208-2A546DE49CA2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC852AA9-7C30-44D8-A964-07DF817A4FF2",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "734B216E-67CD-44B3-AA47-2D86BF2D68CF",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D11EBE7-741F-4585-962F-99EAA29C1F0E",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "018D35E1-B5D0-456E-9348-79E6CD0560E2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C762BE7-29D5-47B2-B3A3-8AD9646417B6",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CFDA5A2-FDB6-4F7A-ADC1-A1016639FCDC",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6010CA3B-B5AB-4C6B-93A9-A148207224B2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0A2FCB-564D-4530-B642-624B6A4F1A22",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A5F5C3E-C71C-4FBF-A2F4-68CEC90097DA",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, in certain circumstances, when processing traffic through a Virtual Server with an associated MQTT profile, the TMM process may produce a core file and take the configured HA action."
    },
    {
      "lang": "es",
      "value": "En BIG-IP 14.0.0-14.0.0.2 o 13.0.0-13.1.1.1, en ciertas circunstancias, al procesar tr\u00e1fico mediante un servidor virtual con un perfil MQTT asociado, el proceso TMM podr\u00eda producir un archivo core y tomar la acci\u00f3n HA configurada."
    }
  ],
  "id": "CVE-2018-15323",
  "lastModified": "2024-11-21T03:50:33.717",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-31T14:29:00.580",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K26583415"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K26583415"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2014-11-01 23:55
Modified
2024-11-21 02:13
Severity ?
Summary
Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, ASM, GTM, and Link Controller 11.0 through 11.6.0 and 10.0.0 through 10.2.4, AAM 11.4.0 through 11.6.0, ARM 11.3.0 through 11.6.0, Analytics 11.0.0 through 11.6.0, APM and Edge Gateway 11.0.0 through 11.6.0 and 10.1.0 through 10.2.4, PEM 11.3.0 through 11.6.0, PSM 11.0.0 through 11.4.1 and 10.0.0 through 10.2.4, and WOM 11.0.0 through 11.3.0 and 10.0.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allow remote authenticated users to read arbitrary files and cause a denial of service via a crafted request, as demonstrated using (1) viewList or (2) deal elements.
References
cve@mitre.orghttp://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.htmlExploit
cve@mitre.orghttp://seclists.org/fulldisclosure/2014/Oct/128
cve@mitre.orghttp://seclists.org/fulldisclosure/2014/Oct/129
cve@mitre.orghttp://seclists.org/fulldisclosure/2014/Oct/130
cve@mitre.orghttp://www.securityfocus.com/bid/70834Exploit
cve@mitre.orghttp://www.securitytracker.com/id/1031144
cve@mitre.orghttp://www.securitytracker.com/id/1031145
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/98402
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/98403
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.htmlVendor Advisory
cve@mitre.orghttps://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/
cve@mitre.orghttps://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.htmlExploit
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2014/Oct/128
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2014/Oct/129
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2014/Oct/130
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/70834Exploit
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1031144
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1031145
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/98402
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/98403
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/
af854a3a-2127-422b-91ae-364da2661108https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/
Impacted products
Vendor Product Version
f5 big-ip_protocol_security_module 10.0.0
f5 big-ip_protocol_security_module 10.1.0
f5 big-ip_protocol_security_module 10.2.0
f5 big-ip_protocol_security_module 10.2.1
f5 big-ip_protocol_security_module 10.2.2
f5 big-ip_protocol_security_module 10.2.3
f5 big-ip_protocol_security_module 10.2.4
f5 big-ip_protocol_security_module 11.0.0
f5 big-ip_protocol_security_module 11.1.0
f5 big-ip_protocol_security_module 11.2.0
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_global_traffic_manager 10.0.0
f5 big-ip_global_traffic_manager 10.1.0
f5 big-ip_global_traffic_manager 10.2.0
f5 big-ip_global_traffic_manager 10.2.1
f5 big-ip_global_traffic_manager 10.2.2
f5 big-ip_global_traffic_manager 10.2.3
f5 big-ip_global_traffic_manager 10.2.4
f5 big-ip_global_traffic_manager 11.0.0
f5 big-ip_global_traffic_manager 11.1.0
f5 big-ip_global_traffic_manager 11.2.0
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.3.0
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_wan_optimization_manager 10.0.0
f5 big-ip_wan_optimization_manager 10.1.0
f5 big-ip_wan_optimization_manager 10.2.0
f5 big-ip_wan_optimization_manager 10.2.1
f5 big-ip_wan_optimization_manager 10.2.2
f5 big-ip_wan_optimization_manager 10.2.3
f5 big-ip_wan_optimization_manager 10.2.4
f5 big-ip_wan_optimization_manager 11.0.0
f5 big-ip_wan_optimization_manager 11.1.0
f5 big-ip_wan_optimization_manager 11.2.0
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_wan_optimization_manager 11.3.0
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_security_manager 10.0.0
f5 big-ip_application_security_manager 10.1.0
f5 big-ip_application_security_manager 10.2.0
f5 big-ip_application_security_manager 10.2.1
f5 big-ip_application_security_manager 10.2.2
f5 big-ip_application_security_manager 10.2.3
f5 big-ip_application_security_manager 10.2.4
f5 big-ip_application_security_manager 11.0.0
f5 big-ip_application_security_manager 11.1.0
f5 big-ip_application_security_manager 11.2.0
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_webaccelerator 10.0.0
f5 big-ip_webaccelerator 10.1.0
f5 big-ip_webaccelerator 10.2.0
f5 big-ip_webaccelerator 10.2.1
f5 big-ip_webaccelerator 10.2.2
f5 big-ip_webaccelerator 10.2.3
f5 big-ip_webaccelerator 10.2.4
f5 big-ip_webaccelerator 11.0.0
f5 big-ip_webaccelerator 11.1.0
f5 big-ip_webaccelerator 11.2.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.3.0
f5 big-ip_analytics 11.0.0
f5 big-ip_analytics 11.1.0
f5 big-ip_analytics 11.2.0
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.3.0
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.6.0
f5 big-ip_link_controller 10.0.0
f5 big-ip_link_controller 10.1.0
f5 big-ip_link_controller 10.2.0
f5 big-ip_link_controller 10.2.1
f5 big-ip_link_controller 10.2.2
f5 big-ip_link_controller 10.2.3
f5 big-ip_link_controller 10.2.4
f5 big-ip_link_controller 11.0.0
f5 big-ip_link_controller 11.1.0
f5 big-ip_link_controller 11.2.0
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.3.0
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.6.0
f5 big-ip_application_security_manager 10.0.0
f5 big-ip_application_security_manager 10.1.0
f5 big-ip_application_security_manager 10.2.0
f5 big-ip_application_security_manager 10.2.1
f5 big-ip_application_security_manager 10.2.2
f5 big-ip_application_security_manager 10.2.3
f5 big-ip_application_security_manager 10.2.4
f5 big-ip_application_security_manager 11.0.0
f5 big-ip_application_security_manager 11.1.0
f5 big-ip_application_security_manager 11.2.0
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.6.0
f5 enterprise_manager 3.0.0
f5 enterprise_manager 3.1.0
f5 enterprise_manager 3.1.1
f5 enterprise_manager 2.1.0
f5 enterprise_manager 2.2.0
f5 enterprise_manager 2.3.0
f5 big-ip_local_traffic_manager 10.0.0
f5 big-ip_local_traffic_manager 10.1.0
f5 big-ip_local_traffic_manager 10.2.0
f5 big-ip_local_traffic_manager 10.2.1
f5 big-ip_local_traffic_manager 10.2.2
f5 big-ip_local_traffic_manager 10.2.3
f5 big-ip_local_traffic_manager 10.2.4
f5 big-ip_local_traffic_manager 11.0.0
f5 big-ip_local_traffic_manager 11.1.0
f5 big-ip_local_traffic_manager 11.2.0
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.3.0
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_edge_gateway 10.1.0
f5 big-ip_edge_gateway 10.2.0
f5 big-ip_edge_gateway 10.2.1
f5 big-ip_edge_gateway 10.2.2
f5 big-ip_edge_gateway 10.2.3
f5 big-ip_edge_gateway 10.2.4
f5 big-ip_edge_gateway 11.0.0
f5 big-ip_edge_gateway 11.1.0
f5 big-ip_edge_gateway 11.2.0
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_edge_gateway 11.3.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2691943C-1FD1-43EE-B070-E35710E426ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "288EB1AC-9DE3-4FE2-AE4D-006A49199877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1405D7AE-D14C-40F6-9144-EF2F18A6EBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16ACB60E-B9E9-402A-BE42-DF5C892C2257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6363B0D-AC1F-4AF5-BC02-19F77A85F3AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B80111-6F28-4E7F-B9DE-27825866A138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D19442F-065D-4CBE-87EA-697CECD6A47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445A56C-8D69-484B-8EC4-1F45B4490CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB441DC5-813E-4E59-87B8-15731291B135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AD92E-6816-42C0-8801-A81B59C11A56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "890F363A-FC4F-4F52-BBFF-E959F65043A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0018A0C0-AFB3-4654-9504-78A2742C6EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A1ACF2F-3C0E-42E1-A1D2-6D682B2E32C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D810F8-6062-4901-9832-226F80287C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E951823B-9791-48C7-A804-18FEBEC31279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F1A903-4AF5-4FE6-92B0-9F0B64723804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "383966C0-2FDD-4755-BA16-EE73D4577DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "71578014-E3CD-40A9-8AE4-537C970B4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4758B4CB-5CD9-4505-8E91-E5E849937A63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C801C53F-9ECC-42B9-A119-5046706CA621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C33FD2-8473-485C-9726-5673B49A031D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FA77AD2-557E-41E5-8BE5-F4B4A1AB8E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D810F8-6062-4901-9832-226F80287C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "125C8A19-4F51-42DD-BA11-F299721EFBB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C580F19-AF18-49EE-89FF-8C4F5C88314D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:enterprise_manager:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE619B40-18EB-4F01-A416-63A66577F14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:enterprise_manager:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "003DFFC0-C51B-43B8-897A-6AD71A7B60FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:enterprise_manager:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "05803D5C-15CD-4600-9703-951D28173E49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1C4384-1728-4A71-8634-DCE3F2AEB8F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF1FD1C1-6980-4E9F-8DEF-D9E552510481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982EE29-D298-4D39-897A-580D867CDE50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D477F539-2E79-47BB-A8CF-F3A73AA72A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, ASM, GTM, and Link Controller 11.0 through 11.6.0 and 10.0.0 through 10.2.4, AAM 11.4.0 through 11.6.0, ARM 11.3.0 through 11.6.0, Analytics 11.0.0 through 11.6.0, APM and Edge Gateway 11.0.0 through 11.6.0 and 10.1.0 through 10.2.4, PEM 11.3.0 through 11.6.0, PSM 11.0.0 through 11.4.1 and 10.0.0 through 10.2.4, and WOM 11.0.0 through 11.3.0 and 10.0.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allow remote authenticated users to read arbitrary files and cause a denial of service via a crafted request, as demonstrated using (1) viewList or (2) deal elements."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades XXE en la utilidad Configuration en F5 BIG-IP LTM, ASM, GTM y Link Controller 11.0 hasta la versi\u00f3n 11.6.0 and 10.0.0 hasta la versi\u00f3n 10.2.4, AAM 11.4.0 hasta la versi\u00f3n 11.6.0, ARM 11.3.0 hasta la versi\u00f3n 11.6.0, Analytics 11.0.0 hasta la versi\u00f3n 11.6.0, APM y Edge Gateway 11.0.0 hasta la versi\u00f3n 11.6.0 and 10.1.0 hasta la versi\u00f3n 10.2.4, PEM 11.3.0 hasta la versi\u00f3n 11.6.0, PSM 11.0.0 hasta la versi\u00f3n 11.4.1 y 10.0.0 hasta la versi\u00f3n 10.2.4 y WOM 11.0.0 hasta la versi\u00f3n 11.3.0 y 10.0.0 hasta la versi\u00f3n 10.2.4 y Enterprise Manager 3.0.0 hasta la versi\u00f3n 3.1.1 y 2.1.0 hasta la versi\u00f3n 2.3.0 permiten a usuarios remotos autenticados leer archivos arbitrarios y causar una denegaci\u00f3n de servicio a trav\u00e9s de una petici\u00f3n manipulada, seg\u00fan lo demostrado usando elementos (1) viewlist o (2) deal."
    }
  ],
  "evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/611.html\"\u003eCWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)\u003c/a\u003e",
  "id": "CVE-2014-6032",
  "lastModified": "2024-11-21T02:13:37.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-11-01T23:55:09.587",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://seclists.org/fulldisclosure/2014/Oct/128"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://seclists.org/fulldisclosure/2014/Oct/129"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://seclists.org/fulldisclosure/2014/Oct/130"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/70834"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1031144"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1031145"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98402"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98403"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/128915/F5-Big-IP-11.3.0.39.0-XML-External-Entity-Injection-1.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2014/Oct/128"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2014/Oct/129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2014/Oct/130"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/70834"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1031144"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1031145"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98402"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98403"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15605.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6032/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-6033/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2016-08-19 21:59
Modified
2024-11-21 02:37
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF16 and 11.3.0; and BIG-IP PSM 11.x before 11.2.1 HF16, 11.3.x, and 11.4.x before 11.4.1 HF10 allows remote authenticated users with certain permissions to gain privileges by leveraging an Access Policy Manager customization configuration section that allows file uploads.
References
cve@mitre.orghttp://www.securitytracker.com/id/1036627Third Party Advisory, VDB Entry
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1036627Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_global_traffic_manager 11.0.0
f5 big-ip_global_traffic_manager 11.1.0
f5 big-ip_global_traffic_manager 11.2.0
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.3.0
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 11.0.0
f5 big-ip_local_traffic_manager 11.1.0
f5 big-ip_local_traffic_manager 11.2.0
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.3.0
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_webaccelerator 11.0.0
f5 big-ip_webaccelerator 11.1.0
f5 big-ip_webaccelerator 11.2.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.3.0
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_access_policy_manager 11.0.0
f5 big-ip_access_policy_manager 11.1.0
f5 big-ip_access_policy_manager 11.2.0
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.3.0
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_analytics 11.0.0
f5 big-ip_analytics 11.1.0
f5 big-ip_analytics 11.2.0
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.3.0
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.6.0
f5 big-ip_wan_optimization_manager 11.0.0
f5 big-ip_wan_optimization_manager 11.1.0
f5 big-ip_wan_optimization_manager 11.2.0
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_wan_optimization_manager 11.3.0
f5 big-ip_link_controller 11.0.0
f5 big-ip_link_controller 11.1.0
f5 big-ip_link_controller 11.2.0
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.3.0
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.6.0
f5 big-ip_edge_gateway 11.0.0
f5 big-ip_edge_gateway 11.1.0
f5 big-ip_edge_gateway 11.2.0
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_edge_gateway 11.3.0
f5 big-ip_application_security_manager 11.0.0
f5 big-ip_application_security_manager 11.1.0
f5 big-ip_application_security_manager 11.2.0
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_websafe 11.6.0
f5 big-ip_protocol_security_module 11.0.0
f5 big-ip_protocol_security_module 11.1.0
f5 big-ip_protocol_security_module 11.2.0
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "228D5DA1-C78A-4E05-997A-50F6C1B59593",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF16 and 11.3.0; and BIG-IP PSM 11.x before 11.2.1 HF16, 11.3.x, and 11.4.x before 11.4.1 HF10 allows remote authenticated users with certain permissions to gain privileges by leveraging an Access Policy Manager customization configuration section that allows file uploads."
    },
    {
      "lang": "es",
      "value": "La utilidad Configuration en F5 BIG-IP LTM, Analytics, APM, ASM, GTM y Link Controller 11.x en versiones anteriores a 11.2.1 HF16, 11.3.x, 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 y 11.6.x en versiones anteriores a 11.6.1; BIG-IP AAM 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 y 11.6.x en versiones anteriores a 11.6.1; BIG-IP AFM y PEM 11.3.x, 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 y 11.6.x en versiones anteriores a 11.6.1; BIG-IP Edge Gateway, WebAccelerator y WOM 11.x en versiones anteriores a 11.2.1 HF16 y 11.3.0; y BIG-IP PSM 11.x en versiones anteriores a 11.2.1 HF16, 11.3.x y 11.4.x en versiones anteriores a 11.4.1 HF10 permite a usuarios remotos autenticados con ciertos permisos obtener privilegios aprovechando una secci\u00f3n de configuraci\u00f3n de personalizaci\u00f3n Access Policy Manager que permite la carga de archivos."
    }
  ],
  "id": "CVE-2015-8022",
  "lastModified": "2024-11-21T02:37:51.600",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 8.5,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-08-19T21:59:01.243",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036627"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036627"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/12/sol12401251.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-10-31 14:29
Modified
2024-11-21 03:50
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In BIG-IP 14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1, or 12.1.3.4-12.1.3.6, If an MPTCP connection receives an abort signal while the initial flow is not the primary flow, the initial flow will remain after the closing procedure is complete. TMM may restart and produce a core file as a result of this condition.
References
f5sirt@f5.comhttps://support.f5.com/csp/article/K16248201Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K16248201Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "040A1C53-7997-48D2-BE1D-60BC80DB680A",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.3.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B189FA9C-D989-460B-85AC-FD39F8E0259E",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC25D218-2108-489C-8F3E-2FDF51D187AB",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.3.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A53D2261-716A-46D4-B1A4-1C1D84F6AF94",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EFC2240-481A-4C45-B964-8921E5D2F164",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.3.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11719D56-D88C-4970-B89E-376D6883857B",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA20995-CA41-48BA-8F34-61BEAF7F4314",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.3.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93B1A472-EA29-4D4E-A27E-F40B0457DE39",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB96119-3BC3-4CB6-9745-735B99C6CD2E",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.3.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E55CC546-E22D-4DD3-B0A6-9C4BC65E0951",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2F85BC-0614-4E39-B32D-982CCACA82A6",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.3.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE41473-F2DF-4FA8-B208-2A546DE49CA2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC852AA9-7C30-44D8-A964-07DF817A4FF2",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C5A3208-E10D-4C3F-BB87-D3AD3B7A33B6",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.3.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "734B216E-67CD-44B3-AA47-2D86BF2D68CF",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D11EBE7-741F-4585-962F-99EAA29C1F0E",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4ECE036D-DB27-4803-BA29-857B18262C50",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.3.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "018D35E1-B5D0-456E-9348-79E6CD0560E2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCAAEFA-59F7-4409-BCD3-A90B12769D33",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.3.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C762BE7-29D5-47B2-B3A3-8AD9646417B6",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F988832-C539-4CAB-A31D-3E383BB6F816",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.3.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CFDA5A2-FDB6-4F7A-ADC1-A1016639FCDC",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "510D3DA9-7E32-4350-AD40-15BF03FB2055",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.3.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6010CA3B-B5AB-4C6B-93A9-A148207224B2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "384DCBA6-7155-4B10-9C3A-B3DE5E266CDC",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.3.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0A2FCB-564D-4530-B642-624B6A4F1A22",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F1FE6C3-244C-4FAD-847B-F5299AFE1B60",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.3.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A5F5C3E-C71C-4FBF-A2F4-68CEC90097DA",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In BIG-IP 14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1, or 12.1.3.4-12.1.3.6, If an MPTCP connection receives an abort signal while the initial flow is not the primary flow, the initial flow will remain after the closing procedure is complete. TMM may restart and produce a core file as a result of this condition."
    },
    {
      "lang": "es",
      "value": "En BIG-IP 14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1 o 12.1.3.4-12.1.3.6, si una conexi\u00f3n MPTCP recibe una se\u00f1al de aborto mientras el flujo inicial no es el primario, el flujo inicial se mantendr\u00e1 una vez se completa el procedimiento de cierre. TMM podr\u00eda reiniciarse y producir un archivo core como resultado de esta condici\u00f3n."
    }
  ],
  "id": "CVE-2018-15318",
  "lastModified": "2024-11-21T03:50:33.037",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-31T14:29:00.313",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K16248201"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K16248201"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2014-10-15 14:55
Modified
2024-11-21 02:07
Severity ?
Summary
The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address.
References
cret@cert.orghttp://www.exploit-db.com/exploits/34465Exploit
cret@cert.orghttp://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdfExploit
cret@cert.orghttps://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.exploit-db.com/exploits/34465Exploit
af854a3a-2127-422b-91ae-364da2661108http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdfExploit
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 arx 6.0.0
f5 arx 6.1.0
f5 arx 6.1.1
f5 arx 6.2.0
f5 arx 6.3.0
f5 arx 6.4.0
f5 big-ip_access_policy_manager 10.1.0
f5 big-ip_access_policy_manager 10.2.0
f5 big-ip_access_policy_manager 10.2.1
f5 big-ip_access_policy_manager 10.2.2
f5 big-ip_access_policy_manager 10.2.3
f5 big-ip_access_policy_manager 10.2.4
f5 big-ip_access_policy_manager 11.0.0
f5 big-ip_access_policy_manager 11.1.0
f5 big-ip_access_policy_manager 11.2.0
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.3.0
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_analytics 11.0.0
f5 big-ip_analytics 11.1.0
f5 big-ip_analytics 11.2.0
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.3.0
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.6.0
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_security_manager 10.0.0
f5 big-ip_application_security_manager 10.0.1
f5 big-ip_application_security_manager 10.1.0
f5 big-ip_application_security_manager 10.2.0
f5 big-ip_application_security_manager 10.2.1
f5 big-ip_application_security_manager 10.2.2
f5 big-ip_application_security_manager 10.2.3
f5 big-ip_application_security_manager 10.2.4
f5 big-ip_application_security_manager 11.0.0
f5 big-ip_application_security_manager 11.1.0
f5 big-ip_application_security_manager 11.2.0
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_edge_gateway 10.1.0
f5 big-ip_edge_gateway 10.2.0
f5 big-ip_edge_gateway 10.2.1
f5 big-ip_edge_gateway 10.2.2
f5 big-ip_edge_gateway 10.2.3
f5 big-ip_edge_gateway 10.2.4
f5 big-ip_edge_gateway 11.0.0
f5 big-ip_edge_gateway 11.1.0
f5 big-ip_edge_gateway 11.2.0
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_edge_gateway 11.3.0
f5 big-ip_global_traffic_manager 10.0.0
f5 big-ip_global_traffic_manager 10.0.1
f5 big-ip_global_traffic_manager 10.1.0
f5 big-ip_global_traffic_manager 10.2.0
f5 big-ip_global_traffic_manager 10.2.1
f5 big-ip_global_traffic_manager 10.2.2
f5 big-ip_global_traffic_manager 10.2.3
f5 big-ip_global_traffic_manager 10.2.4
f5 big-ip_global_traffic_manager 11.0.0
f5 big-ip_global_traffic_manager 11.1.0
f5 big-ip_global_traffic_manager 11.2.0
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.3.0
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_link_controller 10.0.0
f5 big-ip_link_controller 10.0.1
f5 big-ip_link_controller 10.1.0
f5 big-ip_link_controller 10.2.0
f5 big-ip_link_controller 10.2.1
f5 big-ip_link_controller 10.2.2
f5 big-ip_link_controller 10.2.3
f5 big-ip_link_controller 10.2.4
f5 big-ip_link_controller 11.0.0
f5 big-ip_link_controller 11.1.0
f5 big-ip_link_controller 11.2.0
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.3.0
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.6.0
f5 big-ip_local_traffic_manager 10.0.0
f5 big-ip_local_traffic_manager 10.0.1
f5 big-ip_local_traffic_manager 10.1.0
f5 big-ip_local_traffic_manager 10.2.0
f5 big-ip_local_traffic_manager 10.2.1
f5 big-ip_local_traffic_manager 10.2.2
f5 big-ip_local_traffic_manager 10.2.3
f5 big-ip_local_traffic_manager 10.2.4
f5 big-ip_local_traffic_manager 11.0.0
f5 big-ip_local_traffic_manager 11.1.0
f5 big-ip_local_traffic_manager 11.2.0
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.3.0
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_protocol_security_module 10.0.0
f5 big-ip_protocol_security_module 10.0.1
f5 big-ip_protocol_security_module 10.1.0
f5 big-ip_protocol_security_module 10.2.0
f5 big-ip_protocol_security_module 10.2.1
f5 big-ip_protocol_security_module 10.2.2
f5 big-ip_protocol_security_module 10.2.3
f5 big-ip_protocol_security_module 10.2.4
f5 big-ip_protocol_security_module 11.0.0
f5 big-ip_protocol_security_module 11.1.0
f5 big-ip_protocol_security_module 11.2.0
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_wan_optimization_manager 10.0.0
f5 big-ip_wan_optimization_manager 10.0.1
f5 big-ip_wan_optimization_manager 10.1.0
f5 big-ip_wan_optimization_manager 10.2.0
f5 big-ip_wan_optimization_manager 10.2.1
f5 big-ip_wan_optimization_manager 10.2.2
f5 big-ip_wan_optimization_manager 10.2.3
f5 big-ip_wan_optimization_manager 10.2.4
f5 big-ip_wan_optimization_manager 11.0.0
f5 big-ip_wan_optimization_manager 11.1.0
f5 big-ip_wan_optimization_manager 11.2.0
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_wan_optimization_manager 11.3.0
f5 big-ip_webaccelerator 10.0.0
f5 big-ip_webaccelerator 10.0.1
f5 big-ip_webaccelerator 10.1.0
f5 big-ip_webaccelerator 10.2.0
f5 big-ip_webaccelerator 10.2.1
f5 big-ip_webaccelerator 10.2.2
f5 big-ip_webaccelerator 10.2.3
f5 big-ip_webaccelerator 10.2.4
f5 big-ip_webaccelerator 11.0.0
f5 big-ip_webaccelerator 11.1.0
f5 big-ip_webaccelerator 11.2.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.3.0
f5 big-iq_cloud 4.0.0
f5 big-iq_cloud 4.1.0
f5 big-iq_cloud 4.2.0
f5 big-iq_cloud 4.3.0
f5 big-iq_device 4.2.0
f5 big-iq_device 4.3.0
f5 big-iq_security 4.0.0
f5 big-iq_security 4.1.0
f5 big-iq_security 4.2.0
f5 big-iq_security 4.3.0
f5 enterprise_manager 2.1.0
f5 enterprise_manager 2.2.0
f5 enterprise_manager 2.3.0
f5 enterprise_manager 3.0.0
f5 enterprise_manager 3.1.0
f5 enterprise_manager 3.1.1
f5 firepass 6.0.0
f5 firepass 6.0.1
f5 firepass 6.0.2
f5 firepass 6.0.3
f5 firepass 6.1.0
f5 firepass 7.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:arx:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "682F6942-167C-4805-BFC2-53445441A464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:arx:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E94644BE-6825-4DC4-998C-51AF6214E2AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:arx:6.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "510BACF3-6F1B-4805-A095-FCCEF56E7313",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:arx:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4A9FC9C-50C0-4E7D-A083-D15DEDD11847",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:arx:6.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "59FF7235-8946-4EA2-90FC-E460151A9B7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:arx:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C8DAD24-29EB-4A8B-9D19-7955D80FE4C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BE38A0-CD2F-4C18-9EE3-D56A23BDB73A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "476D58C4-7699-45AC-B987-B42B5488240B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BEA4E9-125B-47D7-99D0-DE469839622F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FB07A3-8D07-44F6-B827-B22D3799A707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D810F8-6062-4901-9832-226F80287C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC2A0DC-D931-4450-8D0F-3223A8EDCED9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982EE29-D298-4D39-897A-580D867CDE50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D477F539-2E79-47BB-A8CF-F3A73AA72A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16ACB60E-B9E9-402A-BE42-DF5C892C2257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EE87BAD-382E-4FA7-BCF9-88EFA36DAB3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6363B0D-AC1F-4AF5-BC02-19F77A85F3AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B80111-6F28-4E7F-B9DE-27825866A138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D19442F-065D-4CBE-87EA-697CECD6A47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445A56C-8D69-484B-8EC4-1F45B4490CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "71578014-E3CD-40A9-8AE4-537C970B4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4D2DA3-1EF3-428A-ACC0-1C438D6F8648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4758B4CB-5CD9-4505-8E91-E5E849937A63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C801C53F-9ECC-42B9-A119-5046706CA621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C33FD2-8473-485C-9726-5673B49A031D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FA77AD2-557E-41E5-8BE5-F4B4A1AB8E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1C4384-1728-4A71-8634-DCE3F2AEB8F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AC8AA37-9962-4CF6-99E5-A6F94582B107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF1FD1C1-6980-4E9F-8DEF-D9E552510481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2691943C-1FD1-43EE-B070-E35710E426ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B10D9D9-BC40-4889-9196-C8EA7C571160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "288EB1AC-9DE3-4FE2-AE4D-006A49199877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1405D7AE-D14C-40F6-9144-EF2F18A6EBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB441DC5-813E-4E59-87B8-15731291B135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F89F4A12-710E-4F7A-9A8D-D8B91889A279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AD92E-6816-42C0-8801-A81B59C11A56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "890F363A-FC4F-4F52-BBFF-E959F65043A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0018A0C0-AFB3-4654-9504-78A2742C6EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A1ACF2F-3C0E-42E1-A1D2-6D682B2E32C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E951823B-9791-48C7-A804-18FEBEC31279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E3427DB-2918-4934-A3C1-FA5F1632364F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F1A903-4AF5-4FE6-92B0-9F0B64723804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "383966C0-2FDD-4755-BA16-EE73D4577DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AE053D4-B202-4BDC-93E6-AA84ADC9B24A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6282BAFA-5F16-40FD-A4C0-9CC289CEEA40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A2BEF40-2392-45F3-B5D0-1FB29646C12A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "125C8A19-4F51-42DD-BA11-F299721EFBB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C580F19-AF18-49EE-89FF-8C4F5C88314D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "01DDFFC4-688B-45FB-B548-A9654BACFA05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC616BB8-F668-483F-A75B-B4244921A23D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "073353D3-AF25-421D-9F97-8FB9C5109CCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EF47F4-0CD0-43DD-93E7-EA08CDF90B7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "47741322-99CD-4B9E-BD6E-A2934572E60B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "442D343A-973B-4C33-B99B-1EA2B7670DE5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address."
    },
    {
      "lang": "es",
      "value": "El demonio rsync en F5 BIG-IP 11.6 anterior a 11.6.0, 11.5.1 anterior a HF3, 11.5.0 anterior a HF4, 11.4.1 anterior a HF4, 11.4.0 anterior a HF7, 11.3.0 anterior a HF9, y 11.2.1 anterior a HF11 y Enterprise Manager 3.x anterior a 3.1.1 HF2, cuando se configura por error en modo de conmutador, no requiere autenticaci\u00f3n, lo que permite a atacantes remotos escribir ficheros arbitrarios a trav\u00e9s de peticiones cmi a la direcci\u00f3n IP del ConfigSync."
    }
  ],
  "id": "CVE-2014-2927",
  "lastModified": "2024-11-21T02:07:12.320",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-10-15T14:55:06.743",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/34465"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdf"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/34465"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.security-assessment.com/files/documents/advisory/F5_Unauthenticated_rsync_access_to_Remote_Root_Code_Execution.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-01-08 01:15
Modified
2024-11-21 02:11
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.
References
cret@cert.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/95841Third Party Advisory, VDB Entry
cret@cert.orghttps://support.f5.com/csp/article/K44942017
cret@cert.orghttps://support.f5.com/csp/article/K44942017
cret@cert.orghttps://support.f5.com/csp/article/K44942017?utm_source=f5support&amp%3Butm_medium=RSS
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/95841Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K44942017
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K44942017
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K44942017?utm_source=f5support&amp%3Butm_medium=RSS
Impacted products
Vendor Product Version
ntp ntp 4.2.7
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 15.0.0
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager 15.0.0
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 15.0.0
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager 15.0.0
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 15.0.0
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system 15.0.0
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 15.0.0
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 15.0.0
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager 15.0.0
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_wan_optimization_manager *
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator 11.2.1
f5 big-iq_adc 4.5.0
f5 big-iq_centralized_management *
f5 big-iq_centralized_management *
f5 big-iq_centralized_management 4.6.0
f5 big-iq_cloud *
f5 big-iq_cloud_and_orchestration 1.0.0
f5 big-iq_device *
f5 big-iq_security *
f5 enterprise_manager 3.1.1
f5 iworkflow *
f5 mobilesafe 1.0.0
f5 websafe 1.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p25:*:*:*:*:*:*",
              "matchCriteriaId": "FE315238-7191-4A2E-A3C6-2162BE589C78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40267CF4-9AC8-48ED-9DD4-7F947045AE9C",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "699BDE7D-B02D-41A8-BD2C-936B54107616",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D2F203-B830-42E5-AE54-17453F72A45D",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1331467F-B278-485E-AD91-7D0643C2F3DB",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEBAD7C4-AC37-463F-B63C-6EAD5542F2A0",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C046FBE7-DCCD-40FE-AC1F-4DAD11D2E0AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E695F85-F170-4FD4-819E-7DAF31662BF4",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AD67D31-7FB8-4A3F-915D-385617E21428",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E866C4E5-D739-4352-9B6D-9753B4C78A24",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "720A06E3-441B-4D51-8FC0-D569DD7FEB10",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FF1C75A-F753-40CB-9E26-DA6D31931DDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C7CC5A1-6E7B-48BE-9E0A-0D1E51FCEA3D",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2620230F-1D8D-423D-953E-9EEF934C56DD",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42D16634-442B-4674-B11E-6748D28764BD",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713EB3E7-A657-4F6A-901D-618AF660CBBC",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EACA0835-51AD-4AC0-8C87-5564F3A821CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "55C26031-A354-4E19-A1C3-415336B2E7C5",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9AF8FC-B730-428D-B317-86ABEF924299",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D91EC11-DD9A-434B-9EB4-14AA0E977D8D",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2833083-97E9-4B3C-8E6B-BCAC1851D148",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8C7C45A-CC14-4092-903C-3001986D2859",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFC01B17-9BC3-425F-8187-5AE7B0AAC227",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DD8FE5B-DA42-41F3-AF57-2DB6C0C70661",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "283155E5-EEAB-4E05-A0E7-B9C5077A5029",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E697E4FD-1882-4BF8-9B9F-FB7DFD19497B",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6434ED4F-0BA2-445A-B6E9-D3E301EE3930",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C2A9F32-FF72-44AA-AA1A-5B09E8E57E24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90D8985-EDE3-4613-9B4A-E3929D1D3721",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "394DF290-9328-4FAD-B04E-61F62B916148",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEC2164D-11D0-4DCD-B814-6AB185C3BADF",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA4AE425-1D86-4DB9-8B8F-74C6678BD528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F8F3686-2C9F-4EB1-973D-FBBC6401744F",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94BB8ADB-C47F-451D-8431-BAE51137C0D8",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1456F84-12B3-462C-A007-262680AA114B",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FBFE46-BCFB-4337-8990-9E92C5C0647E",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9071FCDD-36CE-49F2-9CB1-4495BF852F5B",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72ED4B6A-EC5B-400E-88B7-6C986FC5BC4F",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68E2840B-96F4-4437-91D1-4AFE99E54D6A",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09C950E6-BF12-43D4-9125-AD9D90EDD67A",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A99DC2F-BFC7-4FEA-87DF-5E9DF428F2D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC944480-C2AD-4338-871D-02DE26B3E80A",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "534529CB-53EF-4ABB-A220-6B42DB5A69DC",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A2670B3-1A96-4E72-A316-0AF826E8EC8B",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B83479FA-82FB-4F71-9B98-E683745DB49E",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D17CC587-3325-4D95-BE63-B948C63B411D",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FB6D7D8-2688-48A2-8E3E-341881EF0B4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A75EC568-E2B5-4F4E-AECC-44EA39A7EA21",
              "versionEndIncluding": "11.6.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37257612-FAA4-4004-A4D3-4624F06F0615",
              "versionEndIncluding": "12.1.4",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15F4D416-10F4-4C08-A25D-0795F7FE0FBE",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AD3B4BB-7F5C-4565-9345-2D4895630AAD",
              "versionEndIncluding": "14.1.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B872A0D5-9B23-40F2-8AAB-253A4F406D18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C31E9AFD-27D1-47C4-A577-20BF6B42A1CA",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "041CE71A-50D1-44E6-B683-CD7F89C51893",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B84923CD-9BC8-4241-82A3-5848333FFEB7",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A35703D-1BE0-459B-BDF0-08FB7C36A17E",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9768142-C554-44DE-B8D5-45CB51E3C34C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "559900D6-7E43-4D2F-9167-BDB04DD5D0DB",
              "versionEndIncluding": "5.4.0",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F37D18F2-8C6A-4557-85DC-2A751595423C",
              "versionEndIncluding": "6.1.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:iworkflow:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FD83CC2-44E9-43F2-A9EF-E6A0C9C6E261",
              "versionEndIncluding": "2.3.0",
              "versionStartIncluding": "2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:mobilesafe:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA70E87-466F-4B68-BFA1-C33FCEEE9FEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:websafe:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE8D2705-DD84-4F26-94E1-4E6644556A98",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de Divulgaci\u00f3n de Informaci\u00f3n en los mensajes privados (modo 6/7) de NTP versi\u00f3n 4.2.7p25 por medio de un mensaje de control GET_RESTRICT, que podr\u00eda permitir a un usuario malicioso obtener informaci\u00f3n confidencial."
    }
  ],
  "id": "CVE-2014-5209",
  "lastModified": "2024-11-21T02:11:37.840",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-08T01:15:09.547",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
    },
    {
      "source": "cret@cert.org",
      "url": "https://support.f5.com/csp/article/K44942017"
    },
    {
      "source": "cret@cert.org",
      "url": "https://support.f5.com/csp/article/K44942017"
    },
    {
      "source": "cret@cert.org",
      "url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K44942017"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K44942017"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-03-27 18:59
Modified
2024-11-21 03:00
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service (DoS) through unspecified vectors.
References
f5sirt@f5.comhttp://www.securitytracker.com/id/1038132
f5sirt@f5.comhttps://support.f5.com/csp/article/K46535047Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1038132
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K46535047Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager 10.2.1
f5 big-ip_local_traffic_manager 10.2.2
f5 big-ip_local_traffic_manager 10.2.3
f5 big-ip_local_traffic_manager 10.2.4
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.5.4
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 11.6.1
f5 big-ip_local_traffic_manager 12.0.0
f5 big-ip_local_traffic_manager 12.1.0
f5 big-ip_local_traffic_manager 12.1.1
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.5.4
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_acceleration_manager 11.6.1
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_application_acceleration_manager 12.1.0
f5 big-ip_application_acceleration_manager 12.1.1
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.5.4
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_advanced_firewall_manager 11.6.1
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_advanced_firewall_manager 12.1.0
f5 big-ip_advanced_firewall_manager 12.1.1
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.5.4
f5 big-ip_analytics 11.6.0
f5 big-ip_analytics 11.6.1
f5 big-ip_analytics 12.0.0
f5 big-ip_analytics 12.1.0
f5 big-ip_analytics 12.1.1
f5 big-ip_access_policy_manager 10.2.1
f5 big-ip_access_policy_manager 10.2.2
f5 big-ip_access_policy_manager 10.2.3
f5 big-ip_access_policy_manager 10.2.4
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.5.4
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 11.6.1
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_access_policy_manager 12.1.0
f5 big-ip_access_policy_manager 12.1.1
f5 big-ip_application_security_manager 10.2.1
f5 big-ip_application_security_manager 10.2.2
f5 big-ip_application_security_manager 10.2.3
f5 big-ip_application_security_manager 10.2.4
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.5.4
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_security_manager 11.6.1
f5 big-ip_application_security_manager 12.0.0
f5 big-ip_application_security_manager 12.1.0
f5 big-ip_application_security_manager 12.1.1
f5 big-ip_domain_name_system 12.0.0
f5 big-ip_domain_name_system 12.1.0
f5 big-ip_domain_name_system 12.1.1
f5 big-ip_link_controller 10.2.1
f5 big-ip_link_controller 10.2.2
f5 big-ip_link_controller 10.2.3
f5 big-ip_link_controller 10.2.4
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.5.4
f5 big-ip_link_controller 11.6.0
f5 big-ip_link_controller 11.6.1
f5 big-ip_link_controller 12.0.0
f5 big-ip_link_controller 12.1.0
f5 big-ip_link_controller 12.1.1
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.5.4
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_policy_enforcement_manager 11.6.1
f5 big-ip_policy_enforcement_manager 12.0.0
f5 big-ip_policy_enforcement_manager 12.1.0
f5 big-ip_policy_enforcement_manager 12.1.1
f5 big-ip_websafe 11.6.0
f5 big-ip_websafe 11.6.1
f5 big-ip_websafe 12.0.0
f5 big-ip_websafe 12.1.0
f5 big-ip_websafe 12.1.1
f5 big-ip_edge_gateway 10.2.1
f5 big-ip_edge_gateway 10.2.2
f5 big-ip_edge_gateway 10.2.3
f5 big-ip_edge_gateway 10.2.4
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_global_traffic_manager 10.2.1
f5 big-ip_global_traffic_manager 10.2.2
f5 big-ip_global_traffic_manager 10.2.3
f5 big-ip_global_traffic_manager 10.2.4
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.5.4
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_global_traffic_manager 11.6.1
f5 big-ip_protocol_security_module 10.2.1
f5 big-ip_protocol_security_module 10.2.2
f5 big-ip_protocol_security_module 10.2.3
f5 big-ip_protocol_security_module 10.2.4
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_webaccelerator 10.2.1
f5 big-ip_webaccelerator 10.2.2
f5 big-ip_webaccelerator 10.2.3
f5 big-ip_webaccelerator 10.2.4
f5 big-ip_webaccelerator 11.2.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82C7B1C-E195-4D94-B604-78FB464C4F81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F6C3144-D0DE-4248-BFCD-04A7E6104044",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BE0210-7058-462A-BA17-845D3E4F52FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECA90FB8-E2CD-400F-B753-1B482E7FAC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FEC804B-35DB-4A0C-9AEA-15527E0CC1B1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBAB92C5-2D50-49CC-AECA-0D16BC44A788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC827031-CA39-4081-8CE0-30EAC78DF756",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7569903B-3A15-4A10-863B-6828337DD268",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A065BC0-56BD-4665-A860-EBA37F1A4D8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "77192AFB-B612-4BAA-916C-3DF8E851CC2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE295AF6-2B35-467F-8501-B5753CDDE16C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BEA4E9-125B-47D7-99D0-DE469839622F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FB07A3-8D07-44F6-B827-B22D3799A707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2044C-AC6F-4145-B1A0-8EB26DCF1F8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FC866D4-CE8C-4408-AD1E-8643AC554CC9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB2118A-0F9C-4273-BB07-85FEA32C785B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8541C9EF-69A8-4641-B173-3BCE0EDD20A8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DD7394-BD0A-42FD-A367-827F35397A20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "98509F74-301A-4D1F-A2B4-B01B80CEFFCA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C33FD2-8473-485C-9726-5673B49A031D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FA77AD2-557E-41E5-8BE5-F4B4A1AB8E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C641B4F-DCFF-4A1B-9E00-EDF18A270241",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBBB6E7C-DA1A-479F-9DD2-DE0C3CA82E92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4913B437-33FF-4B5E-A855-9DA00B35E3B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1EA4F45-35F7-4687-8D1A-A5ACD846500A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "64273A2C-E5A1-4605-92DD-EBECC7F051D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E60CA151-1C3A-45B3-B939-E6F80063C595",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "228D5DA1-C78A-4E05-997A-50F6C1B59593",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "452C59B8-230D-4FC0-B76D-FA6E381E3713",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EE1EEA6-1E25-4A90-91A1-386D19808557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A05340-0AE2-49CA-903F-44383421577E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "583F134E-1616-44F2-8EF0-0CFA5CCEF0AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D19442F-065D-4CBE-87EA-697CECD6A47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445A56C-8D69-484B-8EC4-1F45B4490CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "911BB6DB-B2D1-4855-A65C-F0799E034358",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service (DoS) through unspecified vectors."
    },
    {
      "lang": "es",
      "value": "El Traffic Management Microkernel (TMM) en F5 BIG-IP en versiones anteriores a 11.5.4 HF3, 11.6.x en versiones anteriores a 11.6.1 HF2 y 12.x en versiones anteriores a 12.1.2 no maneja adecuadamente las opciones MTU de ruta m\u00ednima para IPv6, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2016-9252",
  "lastModified": "2024-11-21T03:00:51.283",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-03-27T18:59:00.230",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "url": "http://www.securitytracker.com/id/1038132"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K46535047"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1038132"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K46535047"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-19"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2014-12-10 00:59
Modified
2024-11-21 02:19
Severity ?
Summary
The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself.
References
cve@mitre.orghttp://marc.info/?l=bugtraq&m=144372772101168&w=2
cve@mitre.orghttp://secunia.com/advisories/62167
cve@mitre.orghttp://secunia.com/advisories/62224
cve@mitre.orghttp://secunia.com/advisories/62388
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21693271
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21693337
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21693495
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2014/12/09/27
cve@mitre.orghttps://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151Vendor Advisory
cve@mitre.orghttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.htmlVendor Advisory
cve@mitre.orghttps://support.lenovo.com/product_security/poodle
cve@mitre.orghttps://support.lenovo.com/us/en/product_security/poodle
cve@mitre.orghttps://www.imperialviolet.org/2014/12/08/poodleagain.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=144372772101168&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/62167
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/62224
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/62388
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21693271
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21693337
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21693495
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2014/12/09/27
af854a3a-2127-422b-91ae-364da2661108https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.lenovo.com/product_security/poodle
af854a3a-2127-422b-91ae-364da2661108https://support.lenovo.com/us/en/product_security/poodle
af854a3a-2127-422b-91ae-364da2661108https://www.imperialviolet.org/2014/12/08/poodleagain.html
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager 10.0.0
f5 big-ip_local_traffic_manager 10.0.1
f5 big-ip_local_traffic_manager 10.1.0
f5 big-ip_local_traffic_manager 10.2.0
f5 big-ip_local_traffic_manager 10.2.1
f5 big-ip_local_traffic_manager 10.2.2
f5 big-ip_local_traffic_manager 10.2.3
f5 big-ip_local_traffic_manager 10.2.4
f5 big-ip_local_traffic_manager 11.0.0
f5 big-ip_local_traffic_manager 11.1.0
f5 big-ip_local_traffic_manager 11.2.0
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.3.0
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_access_policy_manager 10.1.0
f5 big-ip_access_policy_manager 10.2.0
f5 big-ip_access_policy_manager 10.2.1
f5 big-ip_access_policy_manager 10.2.2
f5 big-ip_access_policy_manager 10.2.3
f5 big-ip_access_policy_manager 10.2.4
f5 big-ip_access_policy_manager 11.0.0
f5 big-ip_access_policy_manager 11.1.0
f5 big-ip_access_policy_manager 11.2.0
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.3.0
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_protocol_security_module 10.0.0
f5 big-ip_protocol_security_module 10.0.1
f5 big-ip_protocol_security_module 10.1.0
f5 big-ip_protocol_security_module 10.2.0
f5 big-ip_protocol_security_module 10.2.1
f5 big-ip_protocol_security_module 10.2.2
f5 big-ip_protocol_security_module 10.2.3
f5 big-ip_protocol_security_module 10.2.4
f5 big-ip_protocol_security_module 11.0.0
f5 big-ip_protocol_security_module 11.1.0
f5 big-ip_protocol_security_module 11.2.0
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_webaccelerator 10.0.0
f5 big-ip_webaccelerator 10.0.1
f5 big-ip_webaccelerator 10.1.0
f5 big-ip_webaccelerator 10.2.0
f5 big-ip_webaccelerator 10.2.1
f5 big-ip_webaccelerator 10.2.2
f5 big-ip_webaccelerator 10.2.3
f5 big-ip_webaccelerator 10.2.4
f5 big-ip_webaccelerator 11.0.0
f5 big-ip_webaccelerator 11.1.0
f5 big-ip_webaccelerator 11.2.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.3.0
f5 big-iq_security 4.0.0
f5 big-iq_security 4.1.0
f5 big-iq_security 4.2.0
f5 big-iq_security 4.3.0
f5 big-iq_security 4.4.0
f5 big-ip_edge_gateway 10.1.0
f5 big-ip_edge_gateway 10.2.0
f5 big-ip_edge_gateway 10.2.1
f5 big-ip_edge_gateway 10.2.2
f5 big-ip_edge_gateway 10.2.3
f5 big-ip_edge_gateway 10.2.4
f5 big-ip_edge_gateway 11.0.0
f5 big-ip_edge_gateway 11.1.0
f5 big-ip_edge_gateway 11.2.0
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_edge_gateway 11.3.0
f5 big-iq_device 4.2.0
f5 big-iq_device 4.3.0
f5 big-iq_device 4.4.0
f5 big-ip_application_security_manager 10.0.0
f5 big-ip_application_security_manager 10.0.1
f5 big-ip_application_security_manager 10.1.0
f5 big-ip_application_security_manager 10.2.0
f5 big-ip_application_security_manager 10.2.1
f5 big-ip_application_security_manager 10.2.2
f5 big-ip_application_security_manager 10.2.3
f5 big-ip_application_security_manager 10.2.4
f5 big-ip_application_security_manager 11.0.0
f5 big-ip_application_security_manager 11.1.0
f5 big-ip_application_security_manager 11.2.0
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_analytics 11.0.0
f5 big-ip_analytics 11.1.0
f5 big-ip_analytics 11.2.0
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.3.0
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-iq_cloud 4.0.0
f5 big-iq_cloud 4.1.0
f5 big-iq_cloud 4.2.0
f5 big-iq_cloud 4.3.0
f5 big-iq_cloud 4.4.0
f5 big-ip_wan_optimization_manager 10.0.0
f5 big-ip_wan_optimization_manager 10.0.1
f5 big-ip_wan_optimization_manager 10.1.0
f5 big-ip_wan_optimization_manager 10.2.0
f5 big-ip_wan_optimization_manager 10.2.1
f5 big-ip_wan_optimization_manager 10.2.2
f5 big-ip_wan_optimization_manager 10.2.3
f5 big-ip_wan_optimization_manager 10.2.4
f5 big-ip_wan_optimization_manager 11.0.0
f5 big-ip_wan_optimization_manager 11.1.0
f5 big-ip_wan_optimization_manager 11.2.0
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_wan_optimization_manager 11.3.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1C4384-1728-4A71-8634-DCE3F2AEB8F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AC8AA37-9962-4CF6-99E5-A6F94582B107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF1FD1C1-6980-4E9F-8DEF-D9E552510481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BE38A0-CD2F-4C18-9EE3-D56A23BDB73A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "476D58C4-7699-45AC-B987-B42B5488240B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BEA4E9-125B-47D7-99D0-DE469839622F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FB07A3-8D07-44F6-B827-B22D3799A707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2691943C-1FD1-43EE-B070-E35710E426ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B10D9D9-BC40-4889-9196-C8EA7C571160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "288EB1AC-9DE3-4FE2-AE4D-006A49199877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1405D7AE-D14C-40F6-9144-EF2F18A6EBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E951823B-9791-48C7-A804-18FEBEC31279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E3427DB-2918-4934-A3C1-FA5F1632364F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F1A903-4AF5-4FE6-92B0-9F0B64723804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "383966C0-2FDD-4755-BA16-EE73D4577DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982EE29-D298-4D39-897A-580D867CDE50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D477F539-2E79-47BB-A8CF-F3A73AA72A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D810F8-6062-4901-9832-226F80287C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC2A0DC-D931-4450-8D0F-3223A8EDCED9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB441DC5-813E-4E59-87B8-15731291B135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F89F4A12-710E-4F7A-9A8D-D8B91889A279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AD92E-6816-42C0-8801-A81B59C11A56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "890F363A-FC4F-4F52-BBFF-E959F65043A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0018A0C0-AFB3-4654-9504-78A2742C6EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A1ACF2F-3C0E-42E1-A1D2-6D682B2E32C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).  NOTE: the scope of this identifier is limited to the F5 implementation only. Other vulnerable implementations should receive their own CVE ID, since this is not a vulnerability within the design of TLS 1.x itself."
    },
    {
      "lang": "es",
      "value": "El componente SSL profiles en F5 BIG-IP LTM, APM, y ASM 10.0.0 hasta 10.2.4 y 11.0.0 hasta 11.5.1, AAM 11.4.0 hasta 11.5.1, AFM 11.3.0 hasta 11.5.1, Analytics 11.0.0 hasta 11.5.1, Edge Gateway, WebAccelerator, y WOM 10.1.0 hasta 10.2.4 y 11.0.0 hasta 11.3.0, PEM 11.3.0 hasta 11.6.0, y PSM 10.0.0 hasta 10.2.4 y 11.0.0 hasta 11.4.1 y BIG-IQ Cloud and Security 4.0.0 hasta 4.4.0 y Device 4.2.0 hasta 4.4.0, cuando utiliza TLS 1.x anterior a TLS 1.2, no comprueba correctamente los bytes de relleno CBC cuando termina conexiones, lo que facilita a atacantes man-in-the-middle obtener datos en texto plano a trav\u00e9s de un ataque del oracle de relleno, una variante de CVE-2014-3566 (tambi\u00e9n conocido como POODLE). NOTA: el alcance de este identificador est\u00e1 limitado a la implementaci\u00f3n F5 exclusivamente. Otras implementaciones vulnerables deben recibir su propio ID de CVE, debido a que esta vulnerabilidad no existe dentro del dise\u00f1o de TLS 1.x mismo."
    }
  ],
  "id": "CVE-2014-8730",
  "lastModified": "2024-11-21T02:19:39.347",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2014-12-10T00:59:01.293",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=144372772101168\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/62167"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/62224"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/62388"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693271"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693337"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693495"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2014/12/09/27"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://support.lenovo.com/product_security/poodle"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://support.lenovo.com/us/en/product_security/poodle"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.imperialviolet.org/2014/12/08/poodleagain.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=144372772101168\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/62167"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/62224"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/62388"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693271"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693337"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2014/12/09/27"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://devcentral.f5.com/articles/cve-2014-8730-padding-issue-8151"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.lenovo.com/product_security/poodle"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.lenovo.com/us/en/product_security/poodle"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.imperialviolet.org/2014/12/08/poodleagain.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-310"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-06-08 16:29
Modified
2024-11-21 02:13
Severity ?
4.9 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before 10.2.4 HF12, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x before 11.4.1 HF9, 11.5.x before 11.5.2 HF1, and 11.6.0 before HF4, and Enterprise Manager 2.1.0 through 2.3.0 and 3.x before 3.1.1 HF5 allows remote authenticated administrators to cause a denial of service via unspecified vectors.
References
cve@mitre.orghttps://support.f5.com/csp/article/K16196Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K16196Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager 10.0.0
f5 big-ip_local_traffic_manager 10.0.1
f5 big-ip_local_traffic_manager 10.1.0
f5 big-ip_local_traffic_manager 10.2.0
f5 big-ip_local_traffic_manager 10.2.1
f5 big-ip_local_traffic_manager 10.2.2
f5 big-ip_local_traffic_manager 10.2.3
f5 big-ip_local_traffic_manager 10.2.4
f5 big-ip_local_traffic_manager 11.0.0
f5 big-ip_local_traffic_manager 11.1.0
f5 big-ip_local_traffic_manager 11.2.0
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.3.0
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_analytics 11.0.0
f5 big-ip_analytics 11.1.0
f5 big-ip_analytics 11.2.0
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.3.0
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.6.0
f5 big-ip_access_policy_manager 10.1.0
f5 big-ip_access_policy_manager 10.2.0
f5 big-ip_access_policy_manager 10.2.1
f5 big-ip_access_policy_manager 10.2.2
f5 big-ip_access_policy_manager 10.2.3
f5 big-ip_access_policy_manager 10.2.4
f5 big-ip_access_policy_manager 11.0.0
f5 big-ip_access_policy_manager 11.1.0
f5 big-ip_access_policy_manager 11.2.0
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.3.0
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_application_security_manager 10.0.0
f5 big-ip_application_security_manager 10.1.0
f5 big-ip_application_security_manager 10.2.0
f5 big-ip_application_security_manager 10.2.1
f5 big-ip_application_security_manager 10.2.2
f5 big-ip_application_security_manager 10.2.3
f5 big-ip_application_security_manager 10.2.4
f5 big-ip_application_security_manager 11.0.0
f5 big-ip_application_security_manager 11.1.0
f5 big-ip_application_security_manager 11.2.0
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_edge_gateway 10.1.0
f5 big-ip_edge_gateway 10.2.0
f5 big-ip_edge_gateway 10.2.1
f5 big-ip_edge_gateway 10.2.2
f5 big-ip_edge_gateway 10.2.3
f5 big-ip_edge_gateway 10.2.4
f5 big-ip_edge_gateway 11.0.0
f5 big-ip_edge_gateway 11.1.0
f5 big-ip_edge_gateway 11.2.0
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_edge_gateway 11.3.0
f5 big-ip_global_traffic_manager 10.0.0
f5 big-ip_global_traffic_manager 10.1.0
f5 big-ip_global_traffic_manager 10.2.0
f5 big-ip_global_traffic_manager 10.2.1
f5 big-ip_global_traffic_manager 10.2.2
f5 big-ip_global_traffic_manager 10.2.3
f5 big-ip_global_traffic_manager 10.2.4
f5 big-ip_global_traffic_manager 11.0.0
f5 big-ip_global_traffic_manager 11.1.0
f5 big-ip_global_traffic_manager 11.2.0
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.3.0
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_link_controller 10.0.0
f5 big-ip_link_controller 10.1.0
f5 big-ip_link_controller 10.2.0
f5 big-ip_link_controller 10.2.1
f5 big-ip_link_controller 10.2.2
f5 big-ip_link_controller 10.2.3
f5 big-ip_link_controller 10.2.4
f5 big-ip_link_controller 11.0.0
f5 big-ip_link_controller 11.1.0
f5 big-ip_link_controller 11.2.0
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.3.0
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.6.0
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_protocol_security_module 10.0.0
f5 big-ip_protocol_security_module 10.1.0
f5 big-ip_protocol_security_module 10.2.0
f5 big-ip_protocol_security_module 10.2.1
f5 big-ip_protocol_security_module 10.2.2
f5 big-ip_protocol_security_module 10.2.3
f5 big-ip_protocol_security_module 10.2.4
f5 big-ip_protocol_security_module 11.0.0
f5 big-ip_protocol_security_module 11.1.0
f5 big-ip_protocol_security_module 11.2.0
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_webaccelerator 10.0.0
f5 big-ip_webaccelerator 10.1.0
f5 big-ip_webaccelerator 10.2.0
f5 big-ip_webaccelerator 10.2.1
f5 big-ip_webaccelerator 10.2.2
f5 big-ip_webaccelerator 10.2.3
f5 big-ip_webaccelerator 10.2.4
f5 big-ip_webaccelerator 11.0.0
f5 big-ip_webaccelerator 11.1.0
f5 big-ip_webaccelerator 11.2.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.3.0
f5 big-ip_wan_optimization_manager 10.0.0
f5 big-ip_wan_optimization_manager 10.1.0
f5 big-ip_wan_optimization_manager 10.2.0
f5 big-ip_wan_optimization_manager 10.2.1
f5 big-ip_wan_optimization_manager 10.2.2
f5 big-ip_wan_optimization_manager 10.2.3
f5 big-ip_wan_optimization_manager 10.2.4
f5 big-ip_wan_optimization_manager 11.0.0
f5 big-ip_wan_optimization_manager 11.1.0
f5 big-ip_wan_optimization_manager 11.2.0
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_wan_optimization_manager 11.3.0
f5 big-ip_enterprise_manager 2.1.0
f5 big-ip_enterprise_manager 2.2.0
f5 big-ip_enterprise_manager 2.3.0
f5 big-ip_enterprise_manager 3.0.0
f5 big-ip_enterprise_manager 3.1.0
f5 big-ip_enterprise_manager 3.1.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1C4384-1728-4A71-8634-DCE3F2AEB8F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AC8AA37-9962-4CF6-99E5-A6F94582B107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF1FD1C1-6980-4E9F-8DEF-D9E552510481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BE38A0-CD2F-4C18-9EE3-D56A23BDB73A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "476D58C4-7699-45AC-B987-B42B5488240B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BEA4E9-125B-47D7-99D0-DE469839622F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FB07A3-8D07-44F6-B827-B22D3799A707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D810F8-6062-4901-9832-226F80287C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982EE29-D298-4D39-897A-580D867CDE50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D477F539-2E79-47BB-A8CF-F3A73AA72A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16ACB60E-B9E9-402A-BE42-DF5C892C2257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6363B0D-AC1F-4AF5-BC02-19F77A85F3AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B80111-6F28-4E7F-B9DE-27825866A138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D19442F-065D-4CBE-87EA-697CECD6A47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445A56C-8D69-484B-8EC4-1F45B4490CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "71578014-E3CD-40A9-8AE4-537C970B4B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4758B4CB-5CD9-4505-8E91-E5E849937A63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C801C53F-9ECC-42B9-A119-5046706CA621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C33FD2-8473-485C-9726-5673B49A031D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FA77AD2-557E-41E5-8BE5-F4B4A1AB8E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2691943C-1FD1-43EE-B070-E35710E426ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "288EB1AC-9DE3-4FE2-AE4D-006A49199877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1405D7AE-D14C-40F6-9144-EF2F18A6EBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E951823B-9791-48C7-A804-18FEBEC31279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F1A903-4AF5-4FE6-92B0-9F0B64723804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "383966C0-2FDD-4755-BA16-EE73D4577DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB441DC5-813E-4E59-87B8-15731291B135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AD92E-6816-42C0-8801-A81B59C11A56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "890F363A-FC4F-4F52-BBFF-E959F65043A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0018A0C0-AFB3-4654-9504-78A2742C6EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A1ACF2F-3C0E-42E1-A1D2-6D682B2E32C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C4CA12D-F3E5-4C9B-B5C6-E9DCCA03555F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4D791F6-4B3E-4C2B-8600-60559DA2A09E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF91EBEE-7443-4FA0-83C5-7314BE1AC9C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13753E9F-11AA-41F4-930E-BD9866D03396",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D04FC0C-5E44-4DAD-9542-C772EA35916C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE47FF9-E13D-41D3-BEA2-EF1B973CB0A9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before 10.2.4 HF12, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x before 11.4.1 HF9, 11.5.x before 11.5.2 HF1, and 11.6.0 before HF4, and Enterprise Manager 2.1.0 through 2.3.0 and 3.x before 3.1.1 HF5 allows remote authenticated administrators to cause a denial of service via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer en el demonio mcpq en sistemas F5 BIG-IP, versiones 10.x anteriores a la 10.2.4 HF12, 11.x anteriores a la 11.2.1 HF15, 11.3.x, 11.4.x anteriores a la 11.4.1 HF9, 11.5.x anteriores a la 11.5.2 HF1 y 11.6.0 anteriores a la HF4 y Enterprise Manager, versiones de la 2.1.0 a la 2.3.0 y 3.x anteriores a la 3.1.1 HF5, que permitir\u00eda a administradores autenticados causar una denegaci\u00f3n de servicio a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2014-6031",
  "lastModified": "2024-11-21T02:13:37.793",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-06-08T16:29:00.217",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K16196"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K16196"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2014-10-28 14:55
Modified
2024-11-21 02:09
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
cve@mitre.orghttp://www.securitytracker.com/id/1030776
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.htmlVendor Advisory
cve@mitre.orghttps://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txtExploit
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1030776
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txtExploit
Impacted products
Vendor Product Version
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_application_security_manager 10.1.0
f5 big-ip_application_security_manager 10.2.0
f5 big-ip_application_security_manager 10.2.1
f5 big-ip_application_security_manager 10.2.2
f5 big-ip_application_security_manager 10.2.3
f5 big-ip_application_security_manager 10.2.4
f5 big-ip_application_security_manager 11.0.0
f5 big-ip_application_security_manager 11.1.0
f5 big-ip_application_security_manager 11.2.0
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 enterprise_manager 3.0.0
f5 enterprise_manager 3.1.0
f5 enterprise_manager 3.1.1
f5 enterprise_manager 2.1.0
f5 enterprise_manager 2.2.0
f5 enterprise_manager 2.3.0
f5 big-ip_edge_gateway 10.1.0
f5 big-ip_edge_gateway 10.2.0
f5 big-ip_edge_gateway 10.2.1
f5 big-ip_edge_gateway 10.2.2
f5 big-ip_edge_gateway 10.2.3
f5 big-ip_edge_gateway 10.2.4
f5 big-ip_edge_gateway 11.0.0
f5 big-ip_edge_gateway 11.1.0
f5 big-ip_edge_gateway 11.2.0
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_edge_gateway 11.3.0
f5 big-ip_global_traffic_manager 10.1.0
f5 big-ip_global_traffic_manager 10.2.0
f5 big-ip_global_traffic_manager 10.2.1
f5 big-ip_global_traffic_manager 10.2.2
f5 big-ip_global_traffic_manager 10.2.3
f5 big-ip_global_traffic_manager 10.2.4
f5 big-ip_global_traffic_manager 11.0.0
f5 big-ip_global_traffic_manager 11.1.0
f5 big-ip_global_traffic_manager 11.2.0
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.3.0
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_link_controller 10.1.0
f5 big-ip_link_controller 10.2.0
f5 big-ip_link_controller 10.2.1
f5 big-ip_link_controller 10.2.2
f5 big-ip_link_controller 10.2.3
f5 big-ip_link_controller 10.2.4
f5 big-ip_link_controller 11.0.0
f5 big-ip_link_controller 11.1.0
f5 big-ip_link_controller 11.2.0
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.3.0
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_local_traffic_manager 10.1.0
f5 big-ip_local_traffic_manager 10.2.0
f5 big-ip_local_traffic_manager 10.2.1
f5 big-ip_local_traffic_manager 10.2.2
f5 big-ip_local_traffic_manager 10.2.3
f5 big-ip_local_traffic_manager 10.2.4
f5 big-ip_local_traffic_manager 11.0.0
f5 big-ip_local_traffic_manager 11.1.0
f5 big-ip_local_traffic_manager 11.2.0
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.3.0
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_access_policy_manager 10.1.0
f5 big-ip_access_policy_manager 10.2.0
f5 big-ip_access_policy_manager 10.2.1
f5 big-ip_access_policy_manager 10.2.2
f5 big-ip_access_policy_manager 10.2.3
f5 big-ip_access_policy_manager 10.2.4
f5 big-ip_access_policy_manager 11.0.0
f5 big-ip_access_policy_manager 11.1.0
f5 big-ip_access_policy_manager 11.2.0
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.3.0
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_protocol_security_module 10.1.0
f5 big-ip_protocol_security_module 10.2.0
f5 big-ip_protocol_security_module 10.2.1
f5 big-ip_protocol_security_module 10.2.2
f5 big-ip_protocol_security_module 10.2.3
f5 big-ip_protocol_security_module 10.2.4
f5 big-ip_protocol_security_module 11.0.0
f5 big-ip_protocol_security_module 11.1.0
f5 big-ip_protocol_security_module 11.2.0
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_webaccelerator 10.1.0
f5 big-ip_webaccelerator 10.2.0
f5 big-ip_webaccelerator 10.2.1
f5 big-ip_webaccelerator 10.2.2
f5 big-ip_webaccelerator 10.2.3
f5 big-ip_webaccelerator 10.2.4
f5 big-ip_webaccelerator 11.0.0
f5 big-ip_webaccelerator 11.1.0
f5 big-ip_webaccelerator 11.2.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.3.0
f5 big-ip_wan_optimization_manager 10.1.0
f5 big-ip_wan_optimization_manager 10.2.0
f5 big-ip_wan_optimization_manager 10.2.1
f5 big-ip_wan_optimization_manager 10.2.2
f5 big-ip_wan_optimization_manager 10.2.3
f5 big-ip_wan_optimization_manager 10.2.4
f5 big-ip_wan_optimization_manager 11.0.0
f5 big-ip_wan_optimization_manager 11.1.0
f5 big-ip_wan_optimization_manager 11.2.0
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_wan_optimization_manager 11.3.0
f5 big-ip_analytics 11.0.0
f5 big-ip_analytics 11.1.0
f5 big-ip_analytics 11.2.0
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.3.0
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "125C8A19-4F51-42DD-BA11-F299721EFBB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C580F19-AF18-49EE-89FF-8C4F5C88314D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:enterprise_manager:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE619B40-18EB-4F01-A416-63A66577F14F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:enterprise_manager:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "003DFFC0-C51B-43B8-897A-6AD71A7B60FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:enterprise_manager:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "05803D5C-15CD-4600-9703-951D28173E49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982EE29-D298-4D39-897A-580D867CDE50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D477F539-2E79-47BB-A8CF-F3A73AA72A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6363B0D-AC1F-4AF5-BC02-19F77A85F3AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B80111-6F28-4E7F-B9DE-27825866A138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D19442F-065D-4CBE-87EA-697CECD6A47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445A56C-8D69-484B-8EC4-1F45B4490CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4758B4CB-5CD9-4505-8E91-E5E849937A63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C801C53F-9ECC-42B9-A119-5046706CA621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C33FD2-8473-485C-9726-5673B49A031D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FA77AD2-557E-41E5-8BE5-F4B4A1AB8E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF1FD1C1-6980-4E9F-8DEF-D9E552510481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BE38A0-CD2F-4C18-9EE3-D56A23BDB73A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "476D58C4-7699-45AC-B987-B42B5488240B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BEA4E9-125B-47D7-99D0-DE469839622F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FB07A3-8D07-44F6-B827-B22D3799A707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "288EB1AC-9DE3-4FE2-AE4D-006A49199877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1405D7AE-D14C-40F6-9144-EF2F18A6EBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F1A903-4AF5-4FE6-92B0-9F0B64723804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "383966C0-2FDD-4755-BA16-EE73D4577DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AD92E-6816-42C0-8801-A81B59C11A56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "890F363A-FC4F-4F52-BBFF-E959F65043A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0018A0C0-AFB3-4654-9504-78A2742C6EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A1ACF2F-3C0E-42E1-A1D2-6D682B2E32C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de XSS en tmui/dashboard/echo.jsp en la utilidad Configuration en F5 BIG-IP LTM, APM, ASM, GTM, y Link Controller 11.0.0 anterior a 11.6.0 y 10.1.0 hasta 10.2.4, AAM 11.4.0 anterior a 11.6.0, AFM y PEM 11.3.0 anterior a 11.6.0, Analytics 11.0.0 hasta 11.5.1, Edge Gateway, WebAccelerator, y WOM 11.0.0 hasta 11.3.0 y 10.1.0 hasta 10.2.4, y PSM 11.0.0 hasta 11.4.1 y 10.1.0 hasta 10.2.4 y Enterprise Manager 3.0.0 hasta 3.1.1 y 2.1.0 hasta 2.3.0 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2014-4023",
  "lastModified": "2024-11-21T02:09:21.590",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2014-10-28T14:55:05.987",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1030776"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1030776"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-10-31 14:29
Modified
2024-11-21 03:50
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, undisclosed traffic patterns may lead to denial of service conditions for the BIG-IP system. The configuration which exposes this condition is the BIG-IP self IP address which is part of a VLAN group and has the Port Lockdown setting configured with anything other than "allow-all".
References
f5sirt@f5.comhttps://support.f5.com/csp/article/K72442354Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K72442354Mitigation, Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B189FA9C-D989-460B-85AC-FD39F8E0259E",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A53D2261-716A-46D4-B1A4-1C1D84F6AF94",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11719D56-D88C-4970-B89E-376D6883857B",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93B1A472-EA29-4D4E-A27E-F40B0457DE39",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E55CC546-E22D-4DD3-B0A6-9C4BC65E0951",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE41473-F2DF-4FA8-B208-2A546DE49CA2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC852AA9-7C30-44D8-A964-07DF817A4FF2",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "734B216E-67CD-44B3-AA47-2D86BF2D68CF",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D11EBE7-741F-4585-962F-99EAA29C1F0E",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "018D35E1-B5D0-456E-9348-79E6CD0560E2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C762BE7-29D5-47B2-B3A3-8AD9646417B6",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CFDA5A2-FDB6-4F7A-ADC1-A1016639FCDC",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6010CA3B-B5AB-4C6B-93A9-A148207224B2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0A2FCB-564D-4530-B642-624B6A4F1A22",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A5F5C3E-C71C-4FBF-A2F4-68CEC90097DA",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, undisclosed traffic patterns may lead to denial of service conditions for the BIG-IP system. The configuration which exposes this condition is the BIG-IP self IP address which is part of a VLAN group and has the Port Lockdown setting configured with anything other than \"allow-all\"."
    },
    {
      "lang": "es",
      "value": "En BIG-IP 14.0.0-14.0.0.2 o 13.0.0-13.1.1.1, los patrones de tr\u00e1fico no divulgados podr\u00edan conducir a denegaciones de servicio (DoS) para el sistema BIG-IP. La configuraci\u00f3n que expone esta condici\u00f3n es la autodirecci\u00f3n IP de BIG-IP, que forma parte de un grupo VLAN y tiene la opci\u00f3n Port Lockdown configurada con cualquier cosa que no sea \"allow-all\"."
    }
  ],
  "id": "CVE-2018-15320",
  "lastModified": "2024-11-21T03:50:33.310",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-31T14:29:00.423",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K72442354"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K72442354"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2014-06-03 14:55
Modified
2024-11-21 02:09
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
References
cve@mitre.orghttp://secunia.com/advisories/58969
cve@mitre.orghttp://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.htmlVendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/67771Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1030319Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1030320Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58969
af854a3a-2127-422b-91ae-364da2661108http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/67771Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1030319Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1030320Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.2.1
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.5.1
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_edge_gateway 11.3.0
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.5.1
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_wan_optimization_manager 11.3.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.3.0
f5 enterprise_manager 3.0.0
f5 enterprise_manager 3.1.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FDC1C0F-A00A-456C-AB51-CD139B15CB61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "125C8A19-4F51-42DD-BA11-F299721EFBB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de XSS en list.jsp en la utilidad de configuraci\u00f3n en F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM y Link Controller 11.2.1 hasta 11.5.1, AAM 11.4.0 hasta 11.5.1, PEM 11.3.0 hasta 11.5.1, PSM 11.2.1 hasta 11.4.1, WebAccelerator y WOM 11.2.1 hasta 11.3.0 y Enterprise Manager 3.0.0 hasta 3.1.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de par\u00e1metros no especificados."
    }
  ],
  "id": "CVE-2014-3959",
  "lastModified": "2024-11-21T02:09:13.237",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2014-06-03T14:55:11.490",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/58969"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/67771"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1030319"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1030320"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/58969"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/67771"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1030319"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1030320"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2016-04-12 14:59
Modified
2024-11-21 02:37
Severity ?
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Summary
Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x before 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; BIG-IP AAM 11.4.0 before HF8 and 11.4.1 before HF6; BIG-IP AFM and PEM 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; and BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF11 and 11.3.0 allows remote authenticated users to upload files via uploadImage.php.
References
cve@mitre.orghttp://www.securityfocus.com/bid/82340
cve@mitre.orghttp://www.securitytracker.com/id/1034781
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/82340
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1034781
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_access_policy_manager 11.0.0
f5 big-ip_access_policy_manager 11.1.0
f5 big-ip_access_policy_manager 11.2.0
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.3.0
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_analytics 11.0.0
f5 big-ip_analytics 11.1.0
f5 big-ip_analytics 11.2.0
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.3.0
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_security_manager 11.0.0
f5 big-ip_application_security_manager 11.1.0
f5 big-ip_application_security_manager 11.2.0
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_edge_gateway 11.0.0
f5 big-ip_edge_gateway 11.1.0
f5 big-ip_edge_gateway 11.2.0
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_edge_gateway 11.3.0
f5 big-ip_global_traffic_manager 11.0.0
f5 big-ip_global_traffic_manager 11.1.0
f5 big-ip_global_traffic_manager 11.2.0
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.3.0
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_link_controller 11.0.0
f5 big-ip_link_controller 11.1.0
f5 big-ip_link_controller 11.2.0
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.3.0
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_local_traffic_manager 11.0.0
f5 big-ip_local_traffic_manager 11.1.0
f5 big-ip_local_traffic_manager 11.2.0
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.3.0
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_protocol_security_module 11.0.0
f5 big-ip_protocol_security_module 11.1.0
f5 big-ip_protocol_security_module 11.2.0
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_wan_optimization_manager 11.0.0
f5 big-ip_wan_optimization_manager 11.1.0
f5 big-ip_wan_optimization_manager 11.2.0
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_wan_optimization_manager 11.3.0
f5 big-ip_webaccelerator 11.0.0
f5 big-ip_webaccelerator 11.1.0
f5 big-ip_webaccelerator 11.2.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.3.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x before 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; BIG-IP AAM 11.4.0 before HF8 and 11.4.1 before HF6; BIG-IP AFM and PEM 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; and BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF11 and 11.3.0 allows remote authenticated users to upload files via uploadImage.php."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de lista negra incompleta en la utilidad Configuration en F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller y PSM 11.x en versiones anteriores a 11.2.1 HF11, 11.3.x, 11.4.0 en versiones anteriores a HF8 y 11.4.1 en versiones anteriores a HF6; BIG-IP AAM 11.4.0 en versiones anteriores a HF8 y 11.4.1 en versiones anteriores a HF6; BIG-IP AFM y PEM 11.3.x, 11.4.0 en versiones anteriores a HF8 y 11.4.1 en versiones anteriores a HF6 y BIG-IP Edge Gateway, WebAccelerator y WOM 11.x en versiones anteriores a 11.2.1 HF11 y 11.3.0 permite a usuarios remotos autenticados cargar archivos a trav\u00e9s de uploadImage.php."
    }
  ],
  "id": "CVE-2015-8021",
  "lastModified": "2024-11-21T02:37:51.457",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-04-12T14:59:02.177",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/82340"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1034781"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/82340"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034781"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2016-09-07 19:28
Modified
2024-11-21 02:53
Severity ?
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic.
References
cve@mitre.orghttp://www.securitytracker.com/id/1036709Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1036710Third Party Advisory, VDB Entry
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1036709Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1036710Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_link_controller 11.2.0
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.3.0
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.5.4
f5 big-ip_link_controller 11.6.0
f5 big-ip_link_controller 11.6.1
f5 big-ip_link_controller 12.0.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.5.4
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_policy_enforcement_manager 11.6.1
f5 big-ip_policy_enforcement_manager 12.0.0
f5 big-ip_access_policy_manager 11.2.0
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.3.0
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.5.4
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 11.6.1
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_global_traffic_manager 11.2.0
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.3.0
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.5.4
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_global_traffic_manager 11.6.1
f5 big-iq_cloud 4.0.0
f5 big-iq_cloud 4.1.0
f5 big-iq_cloud 4.2.0
f5 big-iq_cloud 4.3.0
f5 big-iq_cloud 4.4.0
f5 big-iq_cloud 4.5.0
f5 big-ip_webaccelerator 11.2.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.3.0
f5 big-iq_application_delivery_controller 4.5.0
f5 big-ip_application_security_manager 11.2.0
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.5.4
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_security_manager 11.6.1
f5 big-ip_application_security_manager 12.0.0
f5 big-ip_local_traffic_manager 11.2.0
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.3.0
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.5.4
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 11.6.1
f5 big-ip_local_traffic_manager 12.0.0
f5 big-ip_wan_optimization_manager 11.2.0
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_wan_optimization_manager 11.3.0
f5 big-iq_device 4.2.0
f5 big-iq_device 4.3.0
f5 big-iq_device 4.4.0
f5 big-iq_device 4.5.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.5.4
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_advanced_firewall_manager 11.6.1
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_domain_name_system 12.0.0
f5 big-iq_centralized_management 4.6.0
f5 big-iq_cloud_and_orchestration 1.0.0
f5 f5_iworkflow 2.0.0
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.5.4
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_acceleration_manager 11.6.1
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_edge_gateway 11.2.0
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_edge_gateway 11.3.0
f5 enterprise_manager 3.1.1
f5 big-ip_protocol_security_module 11.2.0
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_analytics 11.2.0
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.3.0
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.5.4
f5 big-ip_analytics 11.6.0
f5 big-ip_analytics 11.6.1
f5 big-ip_analytics 12.0.0
f5 big-iq_security 4.0.0
f5 big-iq_security 4.1.0
f5 big-iq_security 4.2.0
f5 big-iq_security 4.3.0
f5 big-iq_security 4.4.0
f5 big-iq_security 4.5.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C641B4F-DCFF-4A1B-9E00-EDF18A270241",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1EA4F45-35F7-4687-8D1A-A5ACD846500A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "911BB6DB-B2D1-4855-A65C-F0799E034358",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBAB92C5-2D50-49CC-AECA-0D16BC44A788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:f5_iworkflow:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAC5A3C6-E7E1-4C67-B868-0BFA0CCC5956",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BE0210-7058-462A-BA17-845D3E4F52FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A065BC0-56BD-4665-A860-EBA37F1A4D8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic."
    },
    {
      "lang": "es",
      "value": "F5 BIG-IP LTM, Analytics, APM, ASM y Link Controller 11.2.x en versiones anteriores a 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 HF1 y 12.x en versiones anteriores a 12.0.0 HF3; BIG-IP AAM, AFM y PEM 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 HF1 y 12.x en versiones anteriores a 12.0.0 HF3; BIG-IP DNS 12.x en versiones anteriores a 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator y WOM 11.2.x en versiones anteriores a 11.2.1 HF16 y 11.3.0; BIG-IP GTM 11.2.x en versiones anteriores a 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2 y 11.6.x en versiones anteriores a 11.6.1 HF1; BIG-IP PSM 11.2.x en versiones anteriores a 11.2.1 HF16, 11.3.x y 11.4.0 hasta la version 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 hasta la version 4.5.0; BIG-IQ Device 4.2.0 hasta la version 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0 y iWorkflow 2.0.0, cuando Packet Filtering est\u00e1 habilitado en servidores virtuales y posiblemente en direcciones IP autom\u00e1ticas, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de Traffic Management Microkernel) y posiblemente tener otro impacto no especificado a trav\u00e9s de tr\u00e1fico de red manipulado."
    }
  ],
  "id": "CVE-2016-5022",
  "lastModified": "2024-11-21T02:53:28.093",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-09-07T19:28:02.723",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036709"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036710"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036709"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036710"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-10-31 14:29
Modified
2024-11-21 03:50
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies.
References
f5sirt@f5.comhttp://www.securityfocus.com/bid/107052Third Party Advisory, VDB Entry
f5sirt@f5.comhttps://support.f5.com/csp/article/K64208870Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/107052Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K64208870Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1812DAA-6894-496B-A81E-74BB4B1F0DFD",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B189FA9C-D989-460B-85AC-FD39F8E0259E",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1143C14-2CF5-4C26-BD43-49255A2B1D09",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A53D2261-716A-46D4-B1A4-1C1D84F6AF94",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A2C604-974E-4455-B510-41EFC1C25061",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11719D56-D88C-4970-B89E-376D6883857B",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC3612AA-1F95-4994-B1EA-CA2122F211F7",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93B1A472-EA29-4D4E-A27E-F40B0457DE39",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B9C4FE2-9C1A-4189-969D-2CBB76858ADB",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E55CC546-E22D-4DD3-B0A6-9C4BC65E0951",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A81546-A1C7-4EA6-987E-794D875DBCFE",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE41473-F2DF-4FA8-B208-2A546DE49CA2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC852AA9-7C30-44D8-A964-07DF817A4FF2",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8638DC02-A5DD-47CD-AE95-DD7ACF99717E",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "734B216E-67CD-44B3-AA47-2D86BF2D68CF",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D11EBE7-741F-4585-962F-99EAA29C1F0E",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6174AD48-BFDA-48BF-A394-B98553BFC7E8",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "018D35E1-B5D0-456E-9348-79E6CD0560E2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "997402FC-4E9C-41B9-920B-23A760837548",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C762BE7-29D5-47B2-B3A3-8AD9646417B6",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "22D79D9F-E4E6-44FD-AAAB-BC5F0B4DC801",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CFDA5A2-FDB6-4F7A-ADC1-A1016639FCDC",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B76CC481-7DCC-42DD-8EEC-993782FF0AE4",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6010CA3B-B5AB-4C6B-93A9-A148207224B2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E5DE77E-4BEA-477D-B604-862F35948529",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0A2FCB-564D-4530-B642-624B6A4F1A22",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "477D0345-6CA9-4614-974C-BA462320E352",
              "versionEndIncluding": "12.1.3.6",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A5F5C3E-C71C-4FBF-A2F4-68CEC90097DA",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default \"normalize URI\" configuration options used in iRules and/or BIG-IP LTM policies."
    },
    {
      "lang": "es",
      "value": "En BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1 o 12.1.0-12.1.3.6, las peticiones maliciosas realizadas a los servidores virtuales con un perfil HTTP pueden provocar que TMM se reinicie. El problema est\u00e1 expuesto a las opciones de configuraci\u00f3n \"normalize URI\", que no son por defecto, que se emplean en las pol\u00edticas iRules y/o BIG-IP LTM."
    }
  ],
  "id": "CVE-2018-15319",
  "lastModified": "2024-11-21T03:50:33.173",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-31T14:29:00.377",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/107052"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K64208870"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/107052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K64208870"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2016-01-20 16:59
Modified
2024-11-21 02:33
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x before 11.5.3 HF2 and 11.6.0 before HF6, BIG-IP AFM and PEM 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Analytics 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP APM and ASM 10.1.0 through 10.2.4, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, and 11.3.0, BIG-IP PSM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, and 11.4.x before 11.4.1 HF, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 might allow remote attackers to cause a denial of service (memory consumption) via a large number of crafted UDP packets.
References
cve@mitre.orghttp://www.securitytracker.com/id/1034686
cve@mitre.orghttp://www.securitytracker.com/id/1034687
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1034686
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1034687
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 big-iq_application_delivery_controller 4.5.0
f5 big-ip_local_traffic_manager 10.0.0
f5 big-ip_local_traffic_manager 10.0.1
f5 big-ip_local_traffic_manager 10.1.0
f5 big-ip_local_traffic_manager 10.2.0
f5 big-ip_local_traffic_manager 10.2.1
f5 big-ip_local_traffic_manager 10.2.2
f5 big-ip_local_traffic_manager 10.2.3
f5 big-ip_local_traffic_manager 10.2.4
f5 big-ip_local_traffic_manager 11.0.0
f5 big-ip_local_traffic_manager 11.1.0
f5 big-ip_local_traffic_manager 11.2.0
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.3.0
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_access_policy_manager 10.1.0
f5 big-ip_access_policy_manager 10.2.0
f5 big-ip_access_policy_manager 10.2.1
f5 big-ip_access_policy_manager 10.2.2
f5 big-ip_access_policy_manager 10.2.3
f5 big-ip_access_policy_manager 10.2.4
f5 big-ip_access_policy_manager 11.0.0
f5 big-ip_access_policy_manager 11.1.0
f5 big-ip_access_policy_manager 11.2.0
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.3.0
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_edge_gateway 10.1.0
f5 big-ip_edge_gateway 10.2.0
f5 big-ip_edge_gateway 10.2.1
f5 big-ip_edge_gateway 10.2.2
f5 big-ip_edge_gateway 10.2.3
f5 big-ip_edge_gateway 10.2.4
f5 big-ip_edge_gateway 11.0.0
f5 big-ip_edge_gateway 11.1.0
f5 big-ip_edge_gateway 11.2.0
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_edge_gateway 11.3.0
f5 big-ip_application_security_manager 10.1.0
f5 big-ip_application_security_manager 10.2.0
f5 big-ip_application_security_manager 10.2.1
f5 big-ip_application_security_manager 10.2.2
f5 big-ip_application_security_manager 10.2.3
f5 big-ip_application_security_manager 10.2.4
f5 big-ip_application_security_manager 11.0.0
f5 big-ip_application_security_manager 11.1.0
f5 big-ip_application_security_manager 11.2.0
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.6.0
f5 big-iq_security 4.0.0
f5 big-iq_security 4.1.0
f5 big-iq_security 4.2.0
f5 big-iq_security 4.3.0
f5 big-iq_security 4.4.0
f5 big-iq_security 4.5.0
f5 big-ip_wan_optimization_manager 10.1.0
f5 big-ip_wan_optimization_manager 10.2.0
f5 big-ip_wan_optimization_manager 10.2.1
f5 big-ip_wan_optimization_manager 10.2.2
f5 big-ip_wan_optimization_manager 10.2.3
f5 big-ip_wan_optimization_manager 10.2.4
f5 big-ip_wan_optimization_manager 11.0.0
f5 big-ip_wan_optimization_manager 11.1.0
f5 big-ip_wan_optimization_manager 11.2.0
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_wan_optimization_manager 11.3.0
f5 big-ip_global_traffic_manager 10.1.0
f5 big-ip_global_traffic_manager 10.2.0
f5 big-ip_global_traffic_manager 10.2.1
f5 big-ip_global_traffic_manager 10.2.2
f5 big-ip_global_traffic_manager 10.2.3
f5 big-ip_global_traffic_manager 10.2.4
f5 big-ip_global_traffic_manager 11.0.0
f5 big-ip_global_traffic_manager 11.1.0
f5 big-ip_global_traffic_manager 11.2.0
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.3.0
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_link_controller 10.1.0
f5 big-ip_link_controller 10.2.0
f5 big-ip_link_controller 10.2.1
f5 big-ip_link_controller 10.2.2
f5 big-ip_link_controller 10.2.3
f5 big-ip_link_controller 10.2.4
f5 big-ip_link_controller 11.0.0
f5 big-ip_link_controller 11.1.0
f5 big-ip_link_controller 11.2.0
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.3.0
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.6.0
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-iq_cloud 4.0.0
f5 big-iq_cloud 4.1.0
f5 big-iq_cloud 4.2.0
f5 big-iq_cloud 4.3.0
f5 big-iq_cloud 4.4.0
f5 big-iq_cloud 4.5.0
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-iq_device 4.2.0
f5 big-iq_device 4.3.0
f5 big-iq_device 4.4.0
f5 big-iq_device 4.5.0
f5 big-ip_enterprise_manager 3.0.0
f5 big-ip_enterprise_manager 3.1.0
f5 big-ip_enterprise_manager 3.1.1
f5 big-ip_webaccelerator 10.1.0
f5 big-ip_webaccelerator 10.2.0
f5 big-ip_webaccelerator 10.2.1
f5 big-ip_webaccelerator 10.2.2
f5 big-ip_webaccelerator 10.2.3
f5 big-ip_webaccelerator 10.2.4
f5 big-ip_webaccelerator 11.0.0
f5 big-ip_webaccelerator 11.1.0
f5 big-ip_webaccelerator 11.2.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.3.0
f5 big-ip_analytics 11.0.0
f5 big-ip_analytics 11.1.0
f5 big-ip_analytics 11.2.0
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.3.0
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.6.0
f5 big-ip_protocol_security_module 10.1.0
f5 big-ip_protocol_security_module 10.2.0
f5 big-ip_protocol_security_module 10.2.1
f5 big-ip_protocol_security_module 10.2.2
f5 big-ip_protocol_security_module 10.2.3
f5 big-ip_protocol_security_module 10.2.4
f5 big-ip_protocol_security_module 11.0.0
f5 big-ip_protocol_security_module 11.1.0
f5 big-ip_protocol_security_module 11.2.0
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1C4384-1728-4A71-8634-DCE3F2AEB8F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AC8AA37-9962-4CF6-99E5-A6F94582B107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF1FD1C1-6980-4E9F-8DEF-D9E552510481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BE38A0-CD2F-4C18-9EE3-D56A23BDB73A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "476D58C4-7699-45AC-B987-B42B5488240B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BEA4E9-125B-47D7-99D0-DE469839622F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FB07A3-8D07-44F6-B827-B22D3799A707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD575B3E-FBA9-443A-9B52-49766DBE40C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982EE29-D298-4D39-897A-580D867CDE50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D477F539-2E79-47BB-A8CF-F3A73AA72A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C19BDD-1286-48C7-8E7D-66C100D02319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4653A4-833F-4381-86E9-452F19A53868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AD92E-6816-42C0-8801-A81B59C11A56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "890F363A-FC4F-4F52-BBFF-E959F65043A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0018A0C0-AFB3-4654-9504-78A2742C6EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A1ACF2F-3C0E-42E1-A1D2-6D682B2E32C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6363B0D-AC1F-4AF5-BC02-19F77A85F3AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B80111-6F28-4E7F-B9DE-27825866A138",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D19442F-065D-4CBE-87EA-697CECD6A47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445A56C-8D69-484B-8EC4-1F45B4490CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4758B4CB-5CD9-4505-8E91-E5E849937A63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C801C53F-9ECC-42B9-A119-5046706CA621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C33FD2-8473-485C-9726-5673B49A031D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FA77AD2-557E-41E5-8BE5-F4B4A1AB8E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13753E9F-11AA-41F4-930E-BD9866D03396",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D04FC0C-5E44-4DAD-9542-C772EA35916C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE47FF9-E13D-41D3-BEA2-EF1B973CB0A9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F1A903-4AF5-4FE6-92B0-9F0B64723804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "383966C0-2FDD-4755-BA16-EE73D4577DFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "288EB1AC-9DE3-4FE2-AE4D-006A49199877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1405D7AE-D14C-40F6-9144-EF2F18A6EBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x before 11.5.3 HF2 and 11.6.0 before HF6, BIG-IP AFM and PEM 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Analytics 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP APM and ASM 10.1.0 through 10.2.4, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, and 11.3.0, BIG-IP PSM 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, and 11.4.x before 11.4.1 HF, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 might allow remote attackers to cause a denial of service (memory consumption) via a large number of crafted UDP packets."
    },
    {
      "lang": "es",
      "value": "Fuga de memoria en el modulo kernel last hop en F5 BIG-IP LTM, GTM y Link Controller 10.1.x, 10.2.x en versiones anteriores a 10.2.4 HF13, 11.x en versiones anteriores a 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.3 HF2 y 11.6.x en versiones anteriores a HF6, BIG-IP AAM 11.4.x, 11.5.x en versiones anteriores a 11.5.3 HF2 y 11.6.0 en versiones anteriores a HF6, BIG-IP AFM y PEM 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.3 HF2 y 11.6.0 en versiones anteriores a HF6, BIG-IP Analytics 11.x en versiones anteriores a 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.3 HF2 y 11.6.0 en versiones anteriores a HF6, BIG-IP APM and ASM 10.1.0 hasta la versi\u00f3n 10.2.4, 11.x en versiones anteriores a 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.3 HF2 y 11.6.0 en versiones anteriores a HF6, BIG-IP Edge Gateway, WebAccelerator y WOM 10.1.x, 10.2.x en versiones anteriores a 10.2.4 HF13, 11.x en versiones anteriores a 11.2.1 HF15 y 11.3.0, BIG-IP PSM 10.1.x, 10.2.x en versiones anteriores a 10.2.4 HF13, 11.x en versiones anteriores a 11.2.1 HF15, 11.3.x y 11.4.x en versiones anteriores a 11.4.1 HF, Enterprise Manager 3.0.0 hasta la versi\u00f3n 3.1.1, BIG-IQ Cloud and Security 4.0.0 hasta la versi\u00f3n 4.5.0, BIG-IQ Device 4.2.0 hasta la versi\u00f3n 4.5.0 y BIG-IQ ADC 4.5.0 podr\u00eda permitir a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de un gran n\u00famero de paquetes UDP manipulados."
    }
  ],
  "id": "CVE-2015-5516",
  "lastModified": "2024-11-21T02:33:11.340",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-01-20T16:59:01.380",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1034686"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1034687"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034686"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034687"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00032124.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2014-06-23 11:21
Modified
2024-11-21 02:09
Severity ?
Summary
The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.
References
cve@mitre.orghttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://permalink.gmane.org/gmane.linux.scsi.target.devel/6618Broken Link
cve@mitre.orghttp://secunia.com/advisories/59134Broken Link
cve@mitre.orghttp://secunia.com/advisories/59777Broken Link
cve@mitre.orghttp://secunia.com/advisories/60564Broken Link
cve@mitre.orghttp://secunia.com/advisories/61310Broken Link
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2014/06/11/1Mailing List, Patch, Third Party Advisory
cve@mitre.orghttp://www.ubuntu.com/usn/USN-2334-1Third Party Advisory
cve@mitre.orghttp://www.ubuntu.com/usn/USN-2335-1Third Party Advisory
cve@mitre.orghttps://bugzilla.redhat.com/show_bug.cgi?id=1108744Issue Tracking, Patch, Third Party Advisory
cve@mitre.orghttps://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dcPatch, Third Party Advisory
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59134Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59777Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60564Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61310Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2014/06/11/1Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2334-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2335-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=1108744Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dcPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.htmlThird Party Advisory
Impacted products
Vendor Product Version
linux linux_kernel *
redhat enterprise_linux 6.0
canonical ubuntu_linux 12.04
suse linux_enterprise_desktop 11
suse linux_enterprise_high_availability_extension 11
suse linux_enterprise_real_time_extension 11
suse linux_enterprise_server 11
suse linux_enterprise_server 11
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_analytics *
f5 big-ip_analytics 12.0.0
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager 12.0.0
f5 big-ip_domain_name_system 12.0.0
f5 big-ip_edge_gateway *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller 12.0.0
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager 12.0.0
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager 12.0.0
f5 big-ip_protocol_security_module *
f5 big-ip_wan_optimization_manager *
f5 big-ip_webaccelerator *
f5 big-iq_application_delivery_controller 4.5.0
f5 big-iq_cloud *
f5 big-iq_device *
f5 big-iq_security *
f5 enterprise_manager *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5673276-6E6D-4AB2-9DA6-7873D78E58CF",
              "versionEndExcluding": "3.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "A3A907A3-2A3A-46D4-8D75-914649877B65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "3DB41B45-D94D-4A58-88B0-B3EC3EC350E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
              "matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
              "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0A477D7-D770-40FA-822E-0686791DCBBC",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49BEE6CD-30CA-44B2-8A9E-B8198A44DB34",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40013D7-C45F-4712-9FBB-12EC55ACA8A8",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD759D15-7861-45DD-9141-4F2855164368",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF00C6EB-94E6-47BA-9C73-F7EEF0F5C5F1",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FF30167-0241-4136-82F8-2D2FB545C19A",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFB9C044-BDFD-44B6-9DEA-F9EC3B793F15",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F7E38E6-5E18-491B-A4A3-E47EED2F882F",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E48CB17C-616D-4637-9811-93B4291052F3",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA8052D-B8EA-4109-A93B-EDF8F1BF09F0",
              "versionEndIncluding": "11.6.0",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C666A18-9DED-4B49-92DE-474403FC17BF",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6B52D60-38DB-4BE9-91F4-B6553F5E5A93",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1E3204F-9464-4AC3-819B-D1A6B399FAE3",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "482E630B-93A1-4B9B-8273-821C116ADC4F",
              "versionEndIncluding": "3.1.1",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n rd_build_device_space en drivers/target/target_core_rd.c en el kernel de Linux anterior a 3.14 no inicializa debidamente cierta estructura de datos, lo que permite a usuarios locales obtener informaci\u00f3n sensible de la memoria ramdisk_mcp mediante el aprovechamiento del acceso a un iniciador SCSI."
    }
  ],
  "id": "CVE-2014-4027",
  "lastModified": "2024-11-21T02:09:21.917",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 2.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:M/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.4,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-06-23T11:21:18.700",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59134"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59777"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60564"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61310"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/06/11/1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2334-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2335-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1108744"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59134"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59777"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60564"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61310"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/06/11/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2334-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2335-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1108744"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15685.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2016-06-30 17:59
Modified
2024-11-21 02:53
Severity ?
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script.
References
cve@mitre.orghttp://www.securityfocus.com/bid/91532Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1036131Third Party Advisory, VDB Entry
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/91532Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1036131Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_wan_optimization_manager 10.2.1
f5 big-ip_wan_optimization_manager 10.2.2
f5 big-ip_wan_optimization_manager 10.2.3
f5 big-ip_wan_optimization_manager 10.2.4
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_protocol_security_module 10.2.1
f5 big-ip_protocol_security_module 10.2.2
f5 big-ip_protocol_security_module 10.2.3
f5 big-ip_protocol_security_module 10.2.4
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.5.4
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_acceleration_manager 11.6.1
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_application_acceleration_manager 12.1.0
f5 big-ip_edge_gateway 10.2.1
f5 big-ip_edge_gateway 10.2.2
f5 big-ip_edge_gateway 10.2.3
f5 big-ip_edge_gateway 10.2.4
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_webaccelerator 10.2.1
f5 big-ip_webaccelerator 10.2.2
f5 big-ip_webaccelerator 10.2.3
f5 big-ip_webaccelerator 10.2.4
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_domain_name_system 12.0.0
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.5.4
f5 big-ip_analytics 11.6.0
f5 big-ip_analytics 11.6.1
f5 big-ip_analytics 12.0.0
f5 big-ip_access_policy_manager 10.2.1
f5 big-ip_access_policy_manager 10.2.2
f5 big-ip_access_policy_manager 10.2.3
f5 big-ip_access_policy_manager 10.2.4
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.5.4
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 11.6.1
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_link_controller 10.2.1
f5 big-ip_link_controller 10.2.2
f5 big-ip_link_controller 10.2.3
f5 big-ip_link_controller 10.2.4
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.5.4
f5 big-ip_link_controller 11.6.0
f5 big-ip_link_controller 11.6.1
f5 big-ip_link_controller 12.0.0
f5 big-ip_local_traffic_manager 10.2.1
f5 big-ip_local_traffic_manager 10.2.2
f5 big-ip_local_traffic_manager 10.2.3
f5 big-ip_local_traffic_manager 10.2.4
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.5.4
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 11.6.1
f5 big-ip_local_traffic_manager 12.0.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.5.4
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_advanced_firewall_manager 11.6.1
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.5.4
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_policy_enforcement_manager 11.6.1
f5 big-ip_policy_enforcement_manager 12.0.0
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_global_traffic_manager 10.2.1
f5 big-ip_global_traffic_manager 10.2.2
f5 big-ip_global_traffic_manager 10.2.3
f5 big-ip_global_traffic_manager 10.2.4
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.5.4
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_global_traffic_manager 11.6.1
f5 big-ip_application_security_manager 10.2.1
f5 big-ip_application_security_manager 10.2.2
f5 big-ip_application_security_manager 10.2.3
f5 big-ip_application_security_manager 10.2.4
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.5.4
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_security_manager 11.6.1
f5 big-ip_application_security_manager 12.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE899AF-EA61-4B9D-9523-BF436614CE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BA7D7A-02C8-411A-AFBF-D523E57A66C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0018A0C0-AFB3-4654-9504-78A2742C6EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A1ACF2F-3C0E-42E1-A1D2-6D682B2E32C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E807E667-0597-4F14-902A-B922C94F572C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02614B4F-0E90-456E-B7ED-387A3007FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F482624A-BE79-4A87-B676-DBB57369D31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "77888947-80CB-46B3-910E-DCCFDF6B3D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BE0210-7058-462A-BA17-845D3E4F52FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECA90FB8-E2CD-400F-B753-1B482E7FAC96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70B0F91-B269-4753-92E5-69F49CCB498D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44847A70-9301-4C53-93AF-8888CF074F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C59A21-CFC9-41CE-AEC3-FD9E8B02A5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE109CFC-59FD-4859-87EF-5FDD1BD94260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD7519A-2F81-42CB-A18A-0BA9DB0F90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16F5CB9-3A92-4A96-BC24-993FCF3DC13F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2748B48B-3E2A-4837-981E-5049CF627CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2E767A-65BC-420B-9BA3-12B51575FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A065BC0-56BD-4665-A860-EBA37F1A4D8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A1197A-7196-49AA-B368-5539180B8B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3F73DC1-9174-4842-B772-D277D293214A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BEA4E9-125B-47D7-99D0-DE469839622F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FB07A3-8D07-44F6-B827-B22D3799A707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02A544E4-B9BB-4735-8239-4FC57473BB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E5BF8D-7391-49E3-A17A-26A1F138A3C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C33FD2-8473-485C-9726-5673B49A031D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FA77AD2-557E-41E5-8BE5-F4B4A1AB8E13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C641B4F-DCFF-4A1B-9E00-EDF18A270241",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF61656-A266-4A2D-A001-54339716A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC92F47-75EB-487A-B4A2-2B0B4C78B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16CD0C3-13CC-46D2-8E33-A98B3ACC1992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE056B1B-5037-453C-B845-06A507452821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBAB92C5-2D50-49CC-AECA-0D16BC44A788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1EA4F45-35F7-4687-8D1A-A5ACD846500A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A8D0587-ED89-4CDB-960D-37FBD522B146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77088CC-8C8C-4D6E-9770-634A5BF62A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D19442F-065D-4CBE-87EA-697CECD6A47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445A56C-8D69-484B-8EC4-1F45B4490CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "911BB6DB-B2D1-4855-A65C-F0799E034358",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCB7C80-DDA6-421C-92E8-E6E56E414E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "494085EA-7445-4592-8795-DCC035BDDC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD4E5E9-5289-4E84-A922-97364D8EB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "479AFDC6-CE0E-4AAC-8DA9-26ADCD96E8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script."
    },
    {
      "lang": "es",
      "value": "F5 BIG-IP en versiones anteriores a 12.0.0 HF3 permite a usuarios remotos autenticados modificar la configuraci\u00f3n de cuenta de usuarios con el rol Resource Administration y obtener privilegios a trav\u00e9s de una secuencia de comandos de monitor Extended Application Verification (EAV) externa manipulada."
    }
  ],
  "id": "CVE-2016-5020",
  "lastModified": "2024-11-21T02:53:27.740",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-06-30T17:59:08.970",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/91532"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036131"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/91532"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-05-01 15:59
Modified
2024-11-21 03:29
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow.
References
f5sirt@f5.comhttp://www.securitytracker.com/id/1038362
f5sirt@f5.comhttp://www.securitytracker.com/id/1038363
f5sirt@f5.comhttps://support.f5.com/csp/article/K92140924Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1038362
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1038363
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K92140924Mitigation, Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.5.4
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 11.6.1
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.5.4
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_acceleration_manager 11.6.1
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.5.4
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.5.4
f5 big-ip_analytics 11.6.0
f5 big-ip_analytics 11.6.1
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.5.4
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 11.6.1
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.5.4
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_security_manager 11.6.1
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.5.4
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_global_traffic_manager 11.6.1
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.5.4
f5 big-ip_link_controller 11.6.0
f5 big-ip_link_controller 11.6.1
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.5.4
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_policy_enforcement_manager 11.6.1
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_websafe 11.6.0
f5 big-ip_websafe 11.6.1
f5 enterprise_manager 3.1.1
f5 big-iq_cloud 4.4.0
f5 big-iq_cloud 4.5.0
f5 big-iq_device 4.4.0
f5 big-iq_device 4.5.0
f5 big-iq_security 4.4.0
f5 big-iq_security 4.5.0
f5 big-iq_application_delivery_controller 4.5.0
f5 big-iq_centralized_management 4.6.0
f5 big-iq_cloud_and_orchestration 1.0.0
f5 f5_iworkflow 2.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BE0210-7058-462A-BA17-845D3E4F52FA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A065BC0-56BD-4665-A860-EBA37F1A4D8C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "911BB6DB-B2D1-4855-A65C-F0799E034358",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C641B4F-DCFF-4A1B-9E00-EDF18A270241",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1EA4F45-35F7-4687-8D1A-A5ACD846500A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "228D5DA1-C78A-4E05-997A-50F6C1B59593",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "452C59B8-230D-4FC0-B76D-FA6E381E3713",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:f5_iworkflow:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAC5A3C6-E7E1-4C67-B868-0BFA0CCC5956",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow."
    },
    {
      "lang": "es",
      "value": "Un atacante puede ser capaz de causar un ataque de denegaci\u00f3n de servicio (DoS) contra el componente sshd en F5 BIG-IP, Enterprise Manager, BIG-IQ e iWorkflow"
    }
  ],
  "id": "CVE-2017-6128",
  "lastModified": "2024-11-21T03:29:06.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-05-01T15:59:00.227",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "url": "http://www.securitytracker.com/id/1038362"
    },
    {
      "source": "f5sirt@f5.com",
      "url": "http://www.securitytracker.com/id/1038363"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K92140924"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1038362"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1038363"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K92140924"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2014-01-30 15:06
Modified
2024-11-21 01:40
Severity ?
Summary
Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x before 11.2.0-HF3 and 11.2.x before 11.2.1-HF3 allow remote authenticated users to execute arbitrary SQL commands via the defaultQuery parameter.
References
cret@cert.orghttp://archives.neohapsis.com/archives/bugtraq/2013-01/0094.html
cret@cert.orghttp://osvdb.org/89446
cret@cert.orghttp://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.html
cret@cert.orghttp://secunia.com/advisories/51867Vendor Advisory
cret@cert.orghttp://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.html
cret@cert.orghttp://www.securityfocus.com/bid/57500
cret@cert.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/81457
cret@cert.orghttps://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txt
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/bugtraq/2013-01/0094.html
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/89446
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/51867Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/57500
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/81457
af854a3a-2127-422b-91ae-364da2661108https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txt
Impacted products
Vendor Product Version
f5 big-ip_webaccelerator 11.0.0
f5 big-ip_webaccelerator 11.1.0
f5 big-ip_webaccelerator 11.2.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_global_traffic_manager 11.0.0
f5 big-ip_global_traffic_manager 11.0.0
f5 big-ip_global_traffic_manager 11.1.0
f5 big-ip_global_traffic_manager 11.1.0
f5 big-ip_global_traffic_manager 11.2.0
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.0.0
f5 big-ip_local_traffic_manager 11.0.0
f5 big-ip_local_traffic_manager 11.1.0
f5 big-ip_local_traffic_manager 11.1.0
f5 big-ip_local_traffic_manager 11.2.0
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_protocol_security_module 11.0.0
f5 big-ip_protocol_security_module 11.1.0
f5 big-ip_protocol_security_module 11.2.0
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_wan_optimization_manager 11.0.0
f5 big-ip_wan_optimization_manager 11.1.0
f5 big-ip_wan_optimization_manager 11.2.0
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_link_controller 11.0.0
f5 big-ip_link_controller 11.1.0
f5 big-ip_link_controller 11.2.0
f5 big-ip_link_controller 11.2.1
f5 big-ip_analytics 11.0.0
f5 big-ip_analytics 11.1.0
f5 big-ip_analytics 11.2.0
f5 big-ip_analytics 11.2.1
f5 big-ip_application_security_manager 11.0.0
f5 big-ip_application_security_manager 11.0.0
f5 big-ip_application_security_manager 11.1.0
f5 big-ip_application_security_manager 11.1.0
f5 big-ip_application_security_manager 11.2.0
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_access_policy_manager 11.1.0
f5 big-ip_access_policy_manager 11.2.0
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.0.0
f5 big-ip_access_policy_manager 11.1.0
f5 big-ip_access_policy_manager 11.2.0
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_edge_gateway 11.0.0
f5 big-ip_edge_gateway 11.1.0
f5 big-ip_edge_gateway 11.2.0
f5 big-ip_edge_gateway 11.2.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5E8E654-DA20-45F9-A25E-44D1E31F64C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7DCB7-D01E-492A-A810-01B15F03A783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.0.0:hf1:*:*:*:*:*:*",
              "matchCriteriaId": "EACC4566-B29A-41DD-A568-7A3E1F1CDBD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:hf2:*:*:*:*:*:*",
              "matchCriteriaId": "BD3700DB-FF49-4B44-8480-77ABC4C287E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C72FF118-E7A5-42DE-A9A0-703E71615045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.0.0:hf1:*:*:*:*:*:*",
              "matchCriteriaId": "6A3F75C1-864F-4F20-AAF3-29DAA5F3B421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:hf2:*:*:*:*:*:*",
              "matchCriteriaId": "E752C74C-BE49-45EA-8ACC-C0ACBF3A795C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3251DB7F-0436-48D5-AF7B-F812237DB926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14D0DD3-E6A9-43C8-85D7-6DBB16E30DD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FFC93-7053-441C-AD96-ED57F97E9A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA5C323-7247-42B5-AF3E-F7E8A18932CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "094BD2B6-E269-4647-A77C-B584805B6203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.0.0:hf1:*:*:*:*:*:*",
              "matchCriteriaId": "9AED0FFD-DFF4-431D-A189-DCD1F00600D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:hf2:*:*:*:*:*:*",
              "matchCriteriaId": "CEE80F37-A5A9-4276-83D4-13F65101A4E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:standalone",
              "matchCriteriaId": "B724E2E6-D28A-4F6F-BF9D-D40AE970C43F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:standalone",
              "matchCriteriaId": "CCDCC772-50EC-4709-A042-AED38B17A0CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:standalone",
              "matchCriteriaId": "52B45A67-64B1-44DE-AF6A-AE8448A99BC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:standalone",
              "matchCriteriaId": "2EED459F-7CF2-49FF-9D67-AB9DDD7ACE9A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53531CA7-5E47-4C46-BDA5-3B4710085078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x before 11.2.0-HF3 and 11.2.x before 11.2.1-HF3 allow remote authenticated users to execute arbitrary SQL commands via the defaultQuery parameter."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n de SQL en sam/admin/reports/php/saveSettings.php en el APM WebGUI de F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, y Analytics y (2) AVR WebGUI en WebAccelerator y WOM 11.2.x anterior a la versi\u00f3n 11.2.0-HF3 y 11.2.x anterior a 11.2.1-HF3 permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro defaultQuery."
    }
  ],
  "id": "CVE-2012-3000",
  "lastModified": "2024-11-21T01:40:05.820",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-01-30T15:06:21.767",
  "references": [
    {
      "source": "cret@cert.org",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0094.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://osvdb.org/89446"
    },
    {
      "source": "cret@cert.org",
      "url": "http://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.html"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/51867"
    },
    {
      "source": "cret@cert.org",
      "url": "http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securityfocus.com/bid/57500"
    },
    {
      "source": "cret@cert.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81457"
    },
    {
      "source": "cret@cert.org",
      "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2013-01/0094.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/89446"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://packetstormsecurity.com/files/119739/F5-BIG-IP-11.2.0-SQL-Injection.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/51867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14154.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/57500"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81457"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-1_F5_BIG-IP_SQL_Injection_v10.txt"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2016-04-11 14:59
Modified
2024-11-21 02:38
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and BIG-IP PEM before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.0 HF6 and BIG-IP PSM before 11.4.1 HF10 does not properly handle TCP options, which allows remote attackers to cause a denial of service via unspecified vectors, related to the tm.minpathmtu database variable.
References
cve@mitre.orghttp://www.securitytracker.com/id/1035367
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/k/06/sol06223540.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1035367
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/k/06/sol06223540.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.6.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.6.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_protocol_security_module 11.4.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and BIG-IP PEM before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.0 HF6 and BIG-IP PSM before 11.4.1 HF10 does not properly handle TCP options, which allows remote attackers to cause a denial of service via unspecified vectors, related to the tm.minpathmtu database variable."
    },
    {
      "lang": "es",
      "value": "El Traffic Management Microkernel (TMM) en F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller y BIG-IP PEM en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 y 11.6.x en versiones anteriores a 11.6.0 HF6 y BIG-IP PSM en versiones anteriores a 11.4.1 HF10 no maneja correctamente opciones TCP, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores no especificados, relacionado con la variable de base de datos tm.minpathmtu."
    }
  ],
  "id": "CVE-2015-8240",
  "lastModified": "2024-11-21T02:38:10.190",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-04-11T14:59:00.113",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1035367"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06223540.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035367"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06223540.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-19"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-10-31 14:29
Modified
2024-11-21 03:50
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.2.1-11.6.3.2, an attacker sending specially crafted SSL records to a SSL Virtual Server will cause corruption in the SSL data structures leading to intermittent decrypt BAD_RECORD_MAC errors. Clients will be unable to access the application load balanced by a virtual server with an SSL profile until tmm is restarted.
References
f5sirt@f5.comhttps://support.f5.com/csp/article/K43625118Mitigation, Vendor Advisory
f5sirt@f5.comhttps://support.f5.com/csp/article/K43625118?utm_source=f5support&amp%3Butm_medium=RSS
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K43625118Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K43625118?utm_source=f5support&amp%3Butm_medium=RSS
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0740491-CFC6-4D53-A39F-3244710282D0",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F9094D4-087E-45D8-AD7B-A2FA1BF1E2F8",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D746D9C6-28DE-4170-9F08-16C58F160752",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFECB54D-C240-495E-A97B-6694BB992C9D",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "88880F08-386C-4BC3-952D-DD1665D8B1EB",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41D7E35D-EAC4-4D00-BB52-19414EEDD286",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8478F27-F451-4C94-9D45-9FCF30B6EB84",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6F24FC1-B549-48F9-AF0E-AB441E5EE4B4",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C47559FB-EC85-4A3A-B967-0BD37934B33D",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40C7F0AE-F55C-42D9-A6EF-1A0D53FFD4DE",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F63A24-36A9-4C90-B73B-131A5658C4C1",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE608E62-F3E2-405C-8239-760A7C1E1527",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3EDF519-7610-4223-BBD7-B75438ACD8B2",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "39C62474-8F2E-4394-8B9E-FB06F8CE95C4",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA46825-0425-4C7D-B846-05E6D4081F51",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05456A39-5301-421B-853A-4651E1B13DE8",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1C0F266-7321-4BBC-B5C6-8D25DCC1715F",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F51999-6742-445C-936B-C2873C5F27CB",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A537300-3211-4136-89C7-B99AD4F13B8C",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F921FE3-B481-4552-AE7C-FEE05DB6D301",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28DE49F7-E999-4D3F-8767-A2C3615DF780",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21A5DC79-66A0-4195-9A19-42FD2B5D7941",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "897F4A4D-D2E2-4171-8ECA-7E981034DE16",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F95F43-BF52-423E-9B1A-55D6B7262A57",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC852AA9-7C30-44D8-A964-07DF817A4FF2",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ABCEA29-0EDF-4D41-BB61-F2C293A5A2E2",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB32AD06-69AF-4289-B854-ED9141E76582",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "31C5842B-0261-4CDB-888E-329FF7D73108",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B73F018-4FAD-48B3-9806-FC827787E323",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D11EBE7-741F-4585-962F-99EAA29C1F0E",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "55366FD7-D7BA-4D36-AC5D-1B822940842F",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63E2912-58B9-4541-8E5D-993F73AB74F1",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC818DB1-C85A-47A3-ABE2-0FFCD7AC3E40",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11876D9C-0082-454A-8254-B5FD74E87719",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C050740-2FD3-474D-A09A-C122F031342F",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C21FA11D-0C58-4DF7-85E0-5E8E7B1F14A8",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB7193B-3BEF-4920-9893-FF196E785850",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2680D4AD-CCD0-4964-8D8F-CF1FCDA2BEC3",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FC80682-E373-4508-A297-EA19BF62BABA",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42E368FA-5A85-428E-B63D-FD027CD46E8E",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E5B875A-ACFE-4C98-B6C4-5A6262C09E23",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A00660C1-7A1C-42CF-A829-503DC2EC08E0",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EBEBCB3-AF9E-4049-980D-E87B756D6D51",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34EC5593-4293-4D2A-A110-25D371F3E281",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ED25E87-39BC-4D15-B37A-FCBE97F7D3D2",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49F45207-07ED-4DF8-ABDA-4AD3E9CA26D1",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B885F0E9-8019-4053-AAAA-2C136D55FB71",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6217D65D-B15B-426B-8692-BA461BB57663",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "56181224-56D4-43BE-A296-52DF599A2BD5",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D43A55D-E9D4-45A3-8B41-B4B22BE4A536",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D655B3FF-5173-4850-B94C-B864E2115D95",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "91F78D2C-DC7C-4B1C-AB44-3CB810240D42",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6355263D-8407-466D-BB71-CB6316EDC668",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9479031-90AA-4C1D-B14C-CDFFBC99CCDE",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.2.1-11.6.3.2, an attacker sending specially crafted SSL records to a SSL Virtual Server will cause corruption in the SSL data structures leading to intermittent decrypt BAD_RECORD_MAC errors. Clients will be unable to access the application load balanced by a virtual server with an SSL profile until tmm is restarted."
    },
    {
      "lang": "es",
      "value": "En BIG-IP versi\u00f3n 14.0.0 hasta 4.0.0.2, versi\u00f3n 13.0.0 hasta 13.1.1.5,  versi\u00f3n 12.1.0 hasta 12.1.4.1 y versi\u00f3n 11.2.1 hasta 11.6.3.2, un atacante que env\u00ede registros SSL especialmente creados hacia un servidor virtual SSL puede causar da\u00f1os en las estructuras de datos SSL que llevan a descifrar errores BAD_RECORD_MAC de forma intermitente. Los clientes ser\u00e1n inhabilitados para acceder a la carga de la aplicaci\u00f3n balanceada por un servidor virtual con un perfil SSL hasta que  tmm sea reiniciado."
    }
  ],
  "id": "CVE-2018-15317",
  "lastModified": "2024-11-21T03:50:32.840",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-31T14:29:00.250",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K43625118"
    },
    {
      "source": "f5sirt@f5.com",
      "url": "https://support.f5.com/csp/article/K43625118?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K43625118"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K43625118?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-05-11 16:29
Modified
2024-11-21 02:58
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, APM, ASM, GTM, Link Controller, PEM, PSM, and WebSafe 11.6.0 before 11.6.0 HF6, 11.5.0 before 11.5.3 HF2, and 11.3.0 before 11.4.1 HF10 may suffer from a memory leak while handling certain types of TCP traffic. Remote attackers may cause a denial of service (DoS) by way of a crafted TCP packet.
References
f5sirt@f5.comhttp://www.securityfocus.com/bid/94353Third Party Advisory, VDB Entry
f5sirt@f5.comhttp://www.securitytracker.com/id/1037274
f5sirt@f5.comhttps://support.f5.com/csp/#/article/K87416818Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/94353Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1037274
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/#/article/K87416818Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_websafe 11.6.0
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_link_controller 11.3.0
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.6.0
f5 big-ip_global_traffic_manager 11.3.0
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_access_policy_manager 11.3.0
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_application_acceleration_manager 11.3.0
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_local_traffic_manager 11.3.0
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.6.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "228D5DA1-C78A-4E05-997A-50F6C1B59593",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DEC03E5-8CFB-4CEA-9774-FB0D953E00F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, APM, ASM, GTM, Link Controller, PEM, PSM, and WebSafe 11.6.0 before 11.6.0 HF6, 11.5.0 before 11.5.3 HF2, and 11.3.0 before 11.4.1 HF10 may suffer from a memory leak while handling certain types of TCP traffic. Remote attackers may cause a denial of service (DoS) by way of a crafted TCP packet."
    },
    {
      "lang": "es",
      "value": "El Traffic Management Microkernel (TMM) en F5 BIG-IP LTM, AAM, AFM, APM, ASM, GTM, Link Controller, PEM, PSM y WebSafe versi\u00f3n 11.6.0 y anteriores a 11.6.0 HF6, versi\u00f3n 11.5.0 y anteriores a 11.5.3 HF2 , y versi\u00f3n 11.3.0 y anteriores a 11.4.1 HF10, puede sufrir una fuga de memoria al manejar ciertos tipos de tr\u00e1fico TCP. Los atacantes remotos pueden causar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un paquete TCP manipulado."
    }
  ],
  "id": "CVE-2016-7476",
  "lastModified": "2024-11-21T02:58:04.610",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-05-11T16:29:00.167",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94353"
    },
    {
      "source": "f5sirt@f5.com",
      "url": "http://www.securitytracker.com/id/1037274"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/#/article/K87416818"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94353"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1037274"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/#/article/K87416818"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2014-09-25 01:55
Modified
2025-01-06 19:35
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
References
cve@mitre.orghttp://advisories.mageia.org/MGASA-2014-0393.htmlThird Party Advisory
cve@mitre.orghttp://archives.neohapsis.com/archives/bugtraq/2014-10/0101.htmlBroken Link
cve@mitre.orghttp://jvn.jp/en/jp/JVN55667175/index.htmlThird Party Advisory
cve@mitre.orghttp://jvndb.jvn.jp/jvndb/JVNDB-2014-000126Third Party Advisory, VDB Entry
cve@mitre.orghttp://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.htmlThird Party Advisory
cve@mitre.orghttp://linux.oracle.com/errata/ELSA-2014-1306.htmlThird Party Advisory
cve@mitre.orghttp://linux.oracle.com/errata/ELSA-2014-3075.htmlThird Party Advisory
cve@mitre.orghttp://linux.oracle.com/errata/ELSA-2014-3077.htmlThird Party Advisory
cve@mitre.orghttp://linux.oracle.com/errata/ELSA-2014-3078.htmlThird Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-updates/2014-10/msg00023.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-updates/2014-10/msg00025.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141216207813411&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141216668515282&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141235957116749&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141319209015420&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141330425327438&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141330468527613&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141345648114150&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141383026420882&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141383081521087&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141383138121313&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141383196021590&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141383244821813&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141383304022067&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141383353622268&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141383465822787&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141450491804793&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141576728022234&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141577137423233&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141577241923505&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141577297623641&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141585637922673&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141694386919794&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141879528318582&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=141879528318582&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=142113462216480&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=142113462216480&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=142118135300698&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=142118135300698&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=142118135300698&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=142358026505815&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=142358026505815&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=142358078406056&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=142721162228379&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=142721162228379&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=142805027510172&w=2Mailing List
cve@mitre.orghttp://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.htmlExploit, Third Party Advisory, VDB Entry
cve@mitre.orghttp://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.htmlExploit, Third Party Advisory, VDB Entry
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2014-1306.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2014-1311.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2014-1312.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2014-1354.htmlThird Party Advisory
cve@mitre.orghttp://seclists.org/fulldisclosure/2014/Oct/0Mailing List, Third Party Advisory
cve@mitre.orghttp://secunia.com/advisories/58200Broken Link
cve@mitre.orghttp://secunia.com/advisories/59272Broken Link
cve@mitre.orghttp://secunia.com/advisories/59737Broken Link
cve@mitre.orghttp://secunia.com/advisories/59907Broken Link
cve@mitre.orghttp://secunia.com/advisories/60024Broken Link
cve@mitre.orghttp://secunia.com/advisories/60034Broken Link
cve@mitre.orghttp://secunia.com/advisories/60044Broken Link
cve@mitre.orghttp://secunia.com/advisories/60055Broken Link
cve@mitre.orghttp://secunia.com/advisories/60063Broken Link
cve@mitre.orghttp://secunia.com/advisories/60193Broken Link
cve@mitre.orghttp://secunia.com/advisories/60325Broken Link
cve@mitre.orghttp://secunia.com/advisories/60433Broken Link
cve@mitre.orghttp://secunia.com/advisories/60947Broken Link
cve@mitre.orghttp://secunia.com/advisories/61065Broken Link
cve@mitre.orghttp://secunia.com/advisories/61128Broken Link
cve@mitre.orghttp://secunia.com/advisories/61129Broken Link
cve@mitre.orghttp://secunia.com/advisories/61188Broken Link
cve@mitre.orghttp://secunia.com/advisories/61283Broken Link
cve@mitre.orghttp://secunia.com/advisories/61287Broken Link
cve@mitre.orghttp://secunia.com/advisories/61291Broken Link
cve@mitre.orghttp://secunia.com/advisories/61312Broken Link
cve@mitre.orghttp://secunia.com/advisories/61313Broken Link
cve@mitre.orghttp://secunia.com/advisories/61328Broken Link
cve@mitre.orghttp://secunia.com/advisories/61442Broken Link
cve@mitre.orghttp://secunia.com/advisories/61471Broken Link
cve@mitre.orghttp://secunia.com/advisories/61479Broken Link
cve@mitre.orghttp://secunia.com/advisories/61485Broken Link
cve@mitre.orghttp://secunia.com/advisories/61503Broken Link
cve@mitre.orghttp://secunia.com/advisories/61550Broken Link
cve@mitre.orghttp://secunia.com/advisories/61552Broken Link
cve@mitre.orghttp://secunia.com/advisories/61565Broken Link
cve@mitre.orghttp://secunia.com/advisories/61603Broken Link
cve@mitre.orghttp://secunia.com/advisories/61618Broken Link
cve@mitre.orghttp://secunia.com/advisories/61619Broken Link
cve@mitre.orghttp://secunia.com/advisories/61622Broken Link
cve@mitre.orghttp://secunia.com/advisories/61626Broken Link
cve@mitre.orghttp://secunia.com/advisories/61633Broken Link
cve@mitre.orghttp://secunia.com/advisories/61641Broken Link
cve@mitre.orghttp://secunia.com/advisories/61643Broken Link
cve@mitre.orghttp://secunia.com/advisories/61654Broken Link
cve@mitre.orghttp://secunia.com/advisories/61676Broken Link
cve@mitre.orghttp://secunia.com/advisories/61700Broken Link
cve@mitre.orghttp://secunia.com/advisories/61703Broken Link
cve@mitre.orghttp://secunia.com/advisories/61711Broken Link
cve@mitre.orghttp://secunia.com/advisories/61715Broken Link
cve@mitre.orghttp://secunia.com/advisories/61780Broken Link
cve@mitre.orghttp://secunia.com/advisories/61816Broken Link
cve@mitre.orghttp://secunia.com/advisories/61855Broken Link
cve@mitre.orghttp://secunia.com/advisories/61857Broken Link
cve@mitre.orghttp://secunia.com/advisories/61873Broken Link
cve@mitre.orghttp://secunia.com/advisories/62228Broken Link
cve@mitre.orghttp://secunia.com/advisories/62312Broken Link
cve@mitre.orghttp://secunia.com/advisories/62343Broken Link
cve@mitre.orghttp://support.apple.com/kb/HT6495Third Party Advisory
cve@mitre.orghttp://support.novell.com/security/cve/CVE-2014-7169.htmlThird Party Advisory
cve@mitre.orghttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bashThird Party Advisory
cve@mitre.orghttp://twitter.com/taviso/statuses/514887394294652929Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=isg3T1021272Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=isg3T1021279Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=isg3T1021361Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21685541Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21685604Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21685733Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21685749Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21685914Broken Link
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21686084Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21686131Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21686246Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21686445Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21686447Broken Link
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21686479Broken Link
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21686494Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21687079Third Party Advisory
cve@mitre.orghttp://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315Broken Link
cve@mitre.orghttp://www.debian.org/security/2014/dsa-3035Mailing List, Third Party Advisory
cve@mitre.orghttp://www.kb.cert.org/vuls/id/252743Third Party Advisory, US Government Resource
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2015:164Broken Link
cve@mitre.orghttp://www.novell.com/support/kb/doc.php?id=7015701Third Party Advisory
cve@mitre.orghttp://www.novell.com/support/kb/doc.php?id=7015721Third Party Advisory
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2014/09/24/32Mailing List
cve@mitre.orghttp://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.htmlPatch, Third Party Advisory
cve@mitre.orghttp://www.qnap.com/i/en/support/con_show.php?cid=61Third Party Advisory
cve@mitre.orghttp://www.securityfocus.com/archive/1/533593/100/0/threadedBroken Link, Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.ubuntu.com/usn/USN-2363-1Third Party Advisory
cve@mitre.orghttp://www.ubuntu.com/usn/USN-2363-2Third Party Advisory
cve@mitre.orghttp://www.us-cert.gov/ncas/alerts/TA14-268AThird Party Advisory, US Government Resource
cve@mitre.orghttp://www.vmware.com/security/advisories/VMSA-2014-0010.htmlThird Party Advisory
cve@mitre.orghttps://access.redhat.com/articles/1200223Third Party Advisory
cve@mitre.orghttps://access.redhat.com/node/1200223Third Party Advisory
cve@mitre.orghttps://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+FixesBroken Link
cve@mitre.orghttps://kb.bluecoat.com/index?page=content&id=SA82Broken Link
cve@mitre.orghttps://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648Third Party Advisory
cve@mitre.orghttps://kc.mcafee.com/corporate/index?page=content&id=SB10085Broken Link
cve@mitre.orghttps://support.apple.com/kb/HT6535Third Party Advisory
cve@mitre.orghttps://support.citrix.com/article/CTX200217Third Party Advisory
cve@mitre.orghttps://support.citrix.com/article/CTX200223Permissions Required
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.htmlThird Party Advisory
cve@mitre.orghttps://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075Broken Link
cve@mitre.orghttps://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183Broken Link
cve@mitre.orghttps://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlertsThird Party Advisory
cve@mitre.orghttps://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006Third Party Advisory
cve@mitre.orghttps://www.exploit-db.com/exploits/34879/Exploit, Third Party Advisory, VDB Entry
cve@mitre.orghttps://www.suse.com/support/shellshock/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://advisories.mageia.org/MGASA-2014-0393.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.htmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://jvn.jp/en/jp/JVN55667175/index.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://linux.oracle.com/errata/ELSA-2014-1306.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://linux.oracle.com/errata/ELSA-2014-3075.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://linux.oracle.com/errata/ELSA-2014-3077.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://linux.oracle.com/errata/ELSA-2014-3078.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141216207813411&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141216668515282&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141235957116749&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141319209015420&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141330425327438&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141330468527613&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141345648114150&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141383026420882&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141383081521087&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141383138121313&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141383196021590&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141383244821813&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141383304022067&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141383353622268&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141383465822787&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141450491804793&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141576728022234&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141577137423233&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141577241923505&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141577297623641&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141585637922673&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141694386919794&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141879528318582&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=141879528318582&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142113462216480&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142113462216480&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142118135300698&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142118135300698&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142118135300698&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142358026505815&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142358026505815&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142358078406056&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142721162228379&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142721162228379&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142805027510172&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-1306.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-1311.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-1312.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-1354.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2014/Oct/0Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58200Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59272Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59737Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59907Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60024Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60034Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60044Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60055Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60063Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60193Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60325Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60433Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60947Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61065Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61128Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61129Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61188Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61283Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61287Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61291Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61312Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61313Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61328Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61442Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61471Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61479Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61485Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61503Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61550Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61552Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61565Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61603Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61618Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61619Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61622Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61626Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61633Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61641Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61643Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61654Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61676Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61700Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61703Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61711Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61715Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61780Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61816Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61855Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61857Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61873Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/62228Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/62312Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/62343Broken Link
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT6495Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.novell.com/security/cve/CVE-2014-7169.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bashThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://twitter.com/taviso/statuses/514887394294652929Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21685541Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21685604Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21685733Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21685749Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21685914Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21686084Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21686131Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21686246Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21686445Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21686447Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21686479Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21686494Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21687079Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2014/dsa-3035Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/252743Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2015:164Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/support/kb/doc.php?id=7015701Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/support/kb/doc.php?id=7015721Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2014/09/24/32Mailing List
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.qnap.com/i/en/support/con_show.php?cid=61Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/533593/100/0/threadedBroken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2363-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2363-2Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/ncas/alerts/TA14-268AThird Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2014-0010.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/articles/1200223Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/node/1200223Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+FixesBroken Link
af854a3a-2127-422b-91ae-364da2661108https://kb.bluecoat.com/index?page=content&id=SA82Broken Link
af854a3a-2127-422b-91ae-364da2661108https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://kc.mcafee.com/corporate/index?page=content&id=SB10085Broken Link
af854a3a-2127-422b-91ae-364da2661108https://support.apple.com/kb/HT6535Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.citrix.com/article/CTX200217Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.citrix.com/article/CTX200223Permissions Required
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075Broken Link
af854a3a-2127-422b-91ae-364da2661108https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183Broken Link
af854a3a-2127-422b-91ae-364da2661108https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlertsThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/34879/Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.suse.com/support/shellshock/Third Party Advisory
Impacted products
Vendor Product Version
gnu bash *
arista eos *
arista eos *
arista eos *
arista eos *
arista eos *
arista eos *
oracle linux 4
oracle linux 5
oracle linux 6
qnap qts *
qnap qts 4.1.1
qnap qts 4.1.1
mageia mageia 3.0
mageia mageia 4.0
redhat gluster_storage_server_for_on-premise 2.1
redhat virtualization 3.4
redhat enterprise_linux 4.0
redhat enterprise_linux 5.0
redhat enterprise_linux 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_eus 5.9
redhat enterprise_linux_eus 6.4
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_eus 7.3
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_eus 7.6
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_for_ibm_z_systems 5.9_s390x
redhat enterprise_linux_for_ibm_z_systems 6.4_s390x
redhat enterprise_linux_for_ibm_z_systems 6.5_s390x
redhat enterprise_linux_for_ibm_z_systems 7.3_s390x
redhat enterprise_linux_for_ibm_z_systems 7.4_s390x
redhat enterprise_linux_for_ibm_z_systems 7.5_s390x
redhat enterprise_linux_for_ibm_z_systems 7.6_s390x
redhat enterprise_linux_for_ibm_z_systems 7.7_s390x
redhat enterprise_linux_for_power_big_endian 5.0_ppc
redhat enterprise_linux_for_power_big_endian 5.9_ppc
redhat enterprise_linux_for_power_big_endian 6.0_ppc64
redhat enterprise_linux_for_power_big_endian 6.4_ppc64
redhat enterprise_linux_for_power_big_endian 7.0_ppc64
redhat enterprise_linux_for_power_big_endian_eus 6.5_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.3_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.4_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.5_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.6_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.7_ppc64
redhat enterprise_linux_for_scientific_computing 6.0
redhat enterprise_linux_for_scientific_computing 7.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server_aus 5.6
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server_aus 6.2
redhat enterprise_linux_server_aus 6.4
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server_from_rhui 5.0
redhat enterprise_linux_server_from_rhui 6.0
redhat enterprise_linux_server_from_rhui 7.0
redhat enterprise_linux_server_tus 6.5
redhat enterprise_linux_server_tus 7.3
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_workstation 7.0
suse studio_onsite 1.3
opensuse opensuse 12.3
opensuse opensuse 13.1
opensuse opensuse 13.2
suse linux_enterprise_desktop 11
suse linux_enterprise_desktop 12
suse linux_enterprise_server 10
suse linux_enterprise_server 10
suse linux_enterprise_server 11
suse linux_enterprise_server 11
suse linux_enterprise_server 11
suse linux_enterprise_server 11
suse linux_enterprise_server 12
suse linux_enterprise_software_development_kit 11
suse linux_enterprise_software_development_kit 12
debian debian_linux 7.0
ibm infosphere_guardium_database_activity_monitoring 8.2
ibm infosphere_guardium_database_activity_monitoring 9.0
ibm infosphere_guardium_database_activity_monitoring 9.1
ibm pureapplication_system *
ibm pureapplication_system *
ibm pureapplication_system 2.0.0.0
ibm qradar_risk_manager 7.1.0
ibm qradar_security_information_and_event_manager 7.1.0
ibm qradar_security_information_and_event_manager 7.1.0
ibm qradar_security_information_and_event_manager 7.1.0
ibm qradar_security_information_and_event_manager 7.1.1
ibm qradar_security_information_and_event_manager 7.1.1
ibm qradar_security_information_and_event_manager 7.1.1
ibm qradar_security_information_and_event_manager 7.1.1
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.1.2
ibm qradar_security_information_and_event_manager 7.2
ibm qradar_security_information_and_event_manager 7.2.0
ibm qradar_security_information_and_event_manager 7.2.0
ibm qradar_security_information_and_event_manager 7.2.0
ibm qradar_security_information_and_event_manager 7.2.0
ibm qradar_security_information_and_event_manager 7.2.1
ibm qradar_security_information_and_event_manager 7.2.1
ibm qradar_security_information_and_event_manager 7.2.1
ibm qradar_security_information_and_event_manager 7.2.1
ibm qradar_security_information_and_event_manager 7.2.2
ibm qradar_security_information_and_event_manager 7.2.2
ibm qradar_security_information_and_event_manager 7.2.2
ibm qradar_security_information_and_event_manager 7.2.2
ibm qradar_security_information_and_event_manager 7.2.2
ibm qradar_security_information_and_event_manager 7.2.3
ibm qradar_security_information_and_event_manager 7.2.3
ibm qradar_security_information_and_event_manager 7.2.3
ibm qradar_security_information_and_event_manager 7.2.3
ibm qradar_security_information_and_event_manager 7.2.3
ibm qradar_security_information_and_event_manager 7.2.4
ibm qradar_security_information_and_event_manager 7.2.4
ibm qradar_security_information_and_event_manager 7.2.4
ibm qradar_security_information_and_event_manager 7.2.4
ibm qradar_security_information_and_event_manager 7.2.4
ibm qradar_security_information_and_event_manager 7.2.4
ibm qradar_security_information_and_event_manager 7.2.4
ibm qradar_security_information_and_event_manager 7.2.5
ibm qradar_security_information_and_event_manager 7.2.5
ibm qradar_security_information_and_event_manager 7.2.5
ibm qradar_security_information_and_event_manager 7.2.5
ibm qradar_security_information_and_event_manager 7.2.5
ibm qradar_security_information_and_event_manager 7.2.5
ibm qradar_security_information_and_event_manager 7.2.5
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_security_information_and_event_manager 7.2.7
ibm qradar_security_information_and_event_manager 7.2.7
ibm qradar_security_information_and_event_manager 7.2.7
ibm qradar_security_information_and_event_manager 7.2.7
ibm qradar_security_information_and_event_manager 7.2.7
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8
ibm qradar_security_information_and_event_manager 7.2.8.15
ibm qradar_security_information_and_event_manager 7.2.9
ibm qradar_vulnerability_manager 7.2.0
ibm qradar_vulnerability_manager 7.2.1
ibm qradar_vulnerability_manager 7.2.2
ibm qradar_vulnerability_manager 7.2.3
ibm qradar_vulnerability_manager 7.2.4
ibm qradar_vulnerability_manager 7.2.6
ibm qradar_vulnerability_manager 7.2.6
ibm qradar_vulnerability_manager 7.2.6
ibm qradar_vulnerability_manager 7.2.6
ibm qradar_vulnerability_manager 7.2.6
ibm qradar_vulnerability_manager 7.2.6
ibm qradar_vulnerability_manager 7.2.6
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm qradar_vulnerability_manager 7.2.8
ibm smartcloud_entry_appliance 2.3.0
ibm smartcloud_entry_appliance 2.4.0
ibm smartcloud_entry_appliance 3.1.0
ibm smartcloud_entry_appliance 3.2.0
ibm smartcloud_provisioning 2.1.0
ibm software_defined_network_for_virtual_environments *
ibm software_defined_network_for_virtual_environments *
ibm software_defined_network_for_virtual_environments *
ibm starter_kit_for_cloud 2.2.0
ibm workload_deployer *
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.1
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.2
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.3
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.5
ibm security_access_manager_for_web_7.0_firmware 7.0.0.1
ibm security_access_manager_for_web_7.0_firmware 7.0.0.2
ibm security_access_manager_for_web_7.0_firmware 7.0.0.3
ibm security_access_manager_for_web_7.0_firmware 7.0.0.4
ibm security_access_manager_for_web_7.0_firmware 7.0.0.5
ibm security_access_manager_for_web_7.0_firmware 7.0.0.6
ibm security_access_manager_for_web_7.0_firmware 7.0.0.7
ibm security_access_manager_for_web_7.0_firmware 7.0.0.8
ibm security_access_manager_for_web_8.0_firmware 8.0.0.2
ibm security_access_manager_for_web_8.0_firmware 8.0.0.3
ibm security_access_manager_for_web_8.0_firmware 8.0.0.5
ibm storwize_v7000_firmware *
ibm storwize_v7000_firmware *
ibm storwize_v7000_firmware *
ibm storwize_v7000_firmware *
ibm storwize_v7000 -
ibm storwize_v5000_firmware *
ibm storwize_v5000_firmware *
ibm storwize_v5000_firmware *
ibm storwize_v5000 -
ibm storwize_v3700_firmware *
ibm storwize_v3700_firmware *
ibm storwize_v3700_firmware *
ibm storwize_v3700 -
ibm storwize_v3500_firmware *
ibm storwize_v3500_firmware *
ibm storwize_v3500_firmware *
ibm storwize_v3500 -
ibm flex_system_v7000_firmware *
ibm flex_system_v7000_firmware *
ibm flex_system_v7000_firmware *
ibm flex_system_v7000 -
ibm san_volume_controller_firmware *
ibm san_volume_controller_firmware *
ibm san_volume_controller_firmware *
ibm san_volume_controller -
ibm stn6500_firmware *
ibm stn6500_firmware *
ibm stn6500_firmware *
ibm stn6500 -
ibm stn6800_firmware *
ibm stn6800_firmware *
ibm stn6800_firmware *
ibm stn6800 -
ibm stn7800_firmware *
ibm stn7800_firmware *
ibm stn7800_firmware *
ibm stn7800 -
canonical ubuntu_linux 10.04
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
novell zenworks_configuration_management 10.3
novell zenworks_configuration_management 11
novell zenworks_configuration_management 11.1
novell zenworks_configuration_management 11.2
novell zenworks_configuration_management 11.3.0
novell open_enterprise_server 2.0
novell open_enterprise_server 11.0
checkpoint security_gateway *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_analytics *
f5 big-ip_analytics 11.6.0
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller 11.6.0
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_wan_optimization_manager *
f5 big-ip_wan_optimization_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-iq_cloud *
f5 big-iq_device *
f5 big-iq_security *
f5 enterprise_manager *
f5 enterprise_manager *
f5 traffix_signaling_delivery_controller *
f5 traffix_signaling_delivery_controller 3.3.2
f5 traffix_signaling_delivery_controller 3.4.1
f5 traffix_signaling_delivery_controller 3.5.1
f5 traffix_signaling_delivery_controller 4.1.0
f5 arx_firmware *
f5 arx -
citrix netscaler_sdx_firmware *
citrix netscaler_sdx_firmware *
citrix netscaler_sdx_firmware *
citrix netscaler_sdx -
apple mac_os_x *
vmware vcenter_server_appliance 5.0
vmware vcenter_server_appliance 5.0
vmware vcenter_server_appliance 5.0
vmware vcenter_server_appliance 5.1
vmware vcenter_server_appliance 5.1
vmware vcenter_server_appliance 5.1
vmware vcenter_server_appliance 5.5
vmware vcenter_server_appliance 5.5
vmware esx 4.0
vmware esx 4.1


To clipboard 

{
  "cisaActionDue": "2022-07-28",
  "cisaExploitAdd": "2022-01-28",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:bash:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4DBE402-1B0A-4854-ABE5-891321454C25",
              "versionEndIncluding": "4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCA5A28D-79B6-4F3E-9C98-65D4DFAD8EE7",
              "versionEndExcluding": "4.9.12",
              "versionStartIncluding": "4.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B1DC7EF-C994-4252-9DFE-DCA63FB17AE0",
              "versionEndExcluding": "4.10.9",
              "versionStartIncluding": "4.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9056776F-03F6-4C3D-8635-37D66FD16EAA",
              "versionEndExcluding": "4.11.11",
              "versionStartIncluding": "4.11.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFEE6963-F73F-4B71-B4F8-6E550FBDA5F6",
              "versionEndExcluding": "4.12.9",
              "versionStartIncluding": "4.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8296875A-64FA-4592-848A-A923126BD8AF",
              "versionEndExcluding": "4.13.9",
              "versionStartIncluding": "4.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "816A16AF-1F5E-483A-AA89-3022818FAE43",
              "versionEndExcluding": "4.14.4f",
              "versionStartIncluding": "4.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:linux:4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8421899-5D10-4C2B-88AA-3DA909FE3E67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*",
              "matchCriteriaId": "62A2AC02-A933-4E51-810E-5D040B476B7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
              "matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE8B7F1F-22F6-4B10-A6E5-DE44B1D2E649",
              "versionEndExcluding": "4.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:4.1.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "F407EA72-BA1A-41A2-B699-874304A638A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:qnap:qts:4.1.1:build_0927:*:*:*:*:*:*",
              "matchCriteriaId": "DDA25903-B334-438B-8196-B9E5119199D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F1E356-E019-47E8-AA5F-702DA93CF74E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F805A106-9A6F-48E7-8582-D3C5A26DFC11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC489F35-07F1-4C3E-80B9-78F0689BC54B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:virtualization:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "95CE35FC-266F-4025-A0B8-FB853C020800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6172AF57-B26D-45F8-BE3A-F75ABDF28F49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6252E88C-27FF-420D-A64A-C34124CF7E6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.9_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5537E1-1E8E-49C5-B4CB-A8E2EE3F5088",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.4_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "804DFF9F-BAA8-4239-835B-6182471A224F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.5_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE496C0-35F7-44DC-B3F0-71EA3A613C38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.3_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "71179893-49F2-433C-A7AC-687075F9CC1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.4_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D4C43D8-02A5-4385-A89E-F265FEEC9E9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.5_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "37ECC029-3D84-4DD7-B28B-E5AD5559CF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.6_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CBED2A-B6B0-420E-BC40-160930D8662E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.7_s390x:*:*:*:*:*:*:*",
              "matchCriteriaId": "652F7BB0-A6EA-45D0-86D4-49F4CA6C3EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0_ppc:*:*:*:*:*:*:*",
              "matchCriteriaId": "29BBF1AC-F31F-4251-8054-0D89A8E6E990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.9_ppc:*:*:*:*:*:*:*",
              "matchCriteriaId": "C52A4A2F-6385-4E5F-B2C7-0EF7267546F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D8D654F-2442-4EA0-AF89-6AC2CD214772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.4_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8ED0658-5F8F-48F0-A605-A2205DA27DA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BCF87FD-9358-42A5-9917-25DF0180A5A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.5_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "C385DA76-4863-4D39-84D2-9D185D322365",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "188019BF-3700-4B3F-BFA5-553B2B545B7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8B2E32-B838-4E51-BAA2-764089D2A684",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "4319B943-7B19-468D-A160-5895F7F997A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "634C23AC-AC9C-43F4-BED8-1C720816D5E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB6ADFB8-210D-4E46-82A2-1C8705928382",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "92C9F1C4-55B0-426D-BB5E-01372C23AF97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD6D0378-F0F4-4AAA-80AF-8287C790EC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8821E5FE-319D-40AB-A515-D56C1893E6F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "74BCA435-7594-49E8-9BAE-9E02E129B6C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
              "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*",
              "matchCriteriaId": "CED02712-1031-4206-AC4D-E68710F46EC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
              "matchCriteriaId": "35BBD83D-BDC7-4678-BE94-639F59281139",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*",
              "matchCriteriaId": "7F4AF9EC-7C74-40C3-A1BA-82B80C4A7EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
              "matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
              "matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
              "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
              "matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
              "matchCriteriaId": "1831D45A-EE6E-4220-8F8C-248B69520948",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "94C9C346-6DEC-4C72-9F59-BB3BEC42B551",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2071DABB-7102-47F2-A15F-A6C03607D01F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8661E86-E075-427F-8E05-7A33811A3A76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEFCC35D-1C83-4CA5-8B1D-9A637613AD7E",
              "versionEndIncluding": "1.0.0.4",
              "versionStartIncluding": "1.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "054736AF-96E0-491D-B824-CC4A35B76E14",
              "versionEndIncluding": "1.1.0.4",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "575894EE-F13C-4D56-8B63-59A379F63BD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_risk_manager:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E476AEB-AD38-4033-8426-DC502497D75A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C062C89-5DC2-46EE-A9D3-23E7539A5DAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr1:*:*:*:*:*:*",
              "matchCriteriaId": "20981443-6A64-4852-B2CB-3299927C6F78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr2:*:*:*:*:*:*",
              "matchCriteriaId": "59761BB8-FCC7-4D15-88A8-82076CCF196F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "CF399B2E-8413-4B80-A0C0-E61E8A0A8604",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p1:*:*:*:*:*:*",
              "matchCriteriaId": "230EBA53-66AF-432B-B4C1-08D8FC903B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p2:*:*:*:*:*:*",
              "matchCriteriaId": "789F398A-5CB2-48F8-AF8F-05BF0A8E04B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p3:*:*:*:*:*:*",
              "matchCriteriaId": "EF102659-B067-473E-AA37-EA90A82D1864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "81DF915D-D764-4C21-B213-0ADFD844E9DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p1:*:*:*:*:*:*",
              "matchCriteriaId": "C29A4119-A992-4713-85D6-4FDED7CD416A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p10:*:*:*:*:*:*",
              "matchCriteriaId": "4CA59C9D-74C2-4AFC-B1D1-1BC305FD493B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p11:*:*:*:*:*:*",
              "matchCriteriaId": "5720A37E-1DB5-45BA-9FDE-0EAEFE1F2257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p12:*:*:*:*:*:*",
              "matchCriteriaId": "F03006B7-037B-491F-A09F-DEB2FF076754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p13:*:*:*:*:*:*",
              "matchCriteriaId": "FE78AED4-AD60-406C-82E0-BA52701B49BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p2:*:*:*:*:*:*",
              "matchCriteriaId": "3D0B71F0-CCED-4E23-989A-3E9E2D71307C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p3:*:*:*:*:*:*",
              "matchCriteriaId": "5CF8FC22-C556-451C-B928-F5AF8DF4BF45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p4:*:*:*:*:*:*",
              "matchCriteriaId": "081D3B14-45F6-4F96-944B-94D967FEFA26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p5:*:*:*:*:*:*",
              "matchCriteriaId": "DE2C36B5-43F8-401B-B420-1FA5F13A4D6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p6:*:*:*:*:*:*",
              "matchCriteriaId": "D922DC5A-63F6-4188-BCDE-BB987402E47E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p7:*:*:*:*:*:*",
              "matchCriteriaId": "BFD5737C-AAE8-4C8D-BCFE-FFDF5DA4221C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p8:*:*:*:*:*:*",
              "matchCriteriaId": "C2BCC22C-A32B-4945-AFBC-777DBE248FB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p9:*:*:*:*:*:*",
              "matchCriteriaId": "92F92890-63B0-4918-A147-8852B6E2FA8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8016ECD3-4417-47A8-9493-C9F9EDF5FAA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "ED0B143A-5386-4375-AEB2-48619B2B1EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p1:*:*:*:*:*:*",
              "matchCriteriaId": "E7ECA734-9E95-484F-B880-2491A0E2531B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p2:*:*:*:*:*:*",
              "matchCriteriaId": "5D7CD9E9-033C-44B8-A68C-47AC260873E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p3:*:*:*:*:*:*",
              "matchCriteriaId": "07B660DC-A94F-48F0-A2F4-1C39CC4751A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "44D355AE-A8C0-4D7B-87FE-5D4138B6BB2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p1:*:*:*:*:*:*",
              "matchCriteriaId": "329C8551-98D1-4255-B598-9E75A071C186",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p2:*:*:*:*:*:*",
              "matchCriteriaId": "FD0687B7-F374-4368-AD9E-041123B23A6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p3:*:*:*:*:*:*",
              "matchCriteriaId": "D0330E77-454E-4E77-9628-50681B748491",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "3863726E-15AD-4A47-85CB-0C9965E76EF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p1:*:*:*:*:*:*",
              "matchCriteriaId": "5C07D9DC-E6C1-4FB0-86F1-144FD51B08CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p2:*:*:*:*:*:*",
              "matchCriteriaId": "3105129C-8FE8-4BF0-8CB9-A7F3F7FE1107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p3:*:*:*:*:*:*",
              "matchCriteriaId": "D1F35447-889F-4CE9-9473-87046B4707EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p4:*:*:*:*:*:*",
              "matchCriteriaId": "A3A5DFC0-BBD7-430C-A026-E1F34E08894D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "141E8F6A-3998-4F22-A717-3F52BC998F97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p1:*:*:*:*:*:*",
              "matchCriteriaId": "F09AA197-BB55-4CF0-AC29-4449C07DE510",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p2:*:*:*:*:*:*",
              "matchCriteriaId": "3E468E33-B183-4830-97E2-EAF9FD3758E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p3:*:*:*:*:*:*",
              "matchCriteriaId": "738C8F2B-3D3E-4E1F-977A-05D3A39F115D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p4:*:*:*:*:*:*",
              "matchCriteriaId": "1ED03E83-909B-423F-81F2-34AB7F24BBE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "9778E8AA-A034-4B04-A42E-6A182378C7DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p1:*:*:*:*:*:*",
              "matchCriteriaId": "AEE15598-4064-4E31-86BA-7851AA4B76C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p2:*:*:*:*:*:*",
              "matchCriteriaId": "59FE3789-FB47-4939-B9AA-86D203445526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p3:*:*:*:*:*:*",
              "matchCriteriaId": "2F96389A-82B9-42DE-8E93-D2B2EE610F7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p4:*:*:*:*:*:*",
              "matchCriteriaId": "3131CDA5-1C4D-489C-8788-FA396F8ADB2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p5:*:*:*:*:*:*",
              "matchCriteriaId": "DCC7DF3E-658C-41D7-A4AC-433440A02092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p6:*:*:*:*:*:*",
              "matchCriteriaId": "EEBB12B8-4EF6-42B9-9D28-A9CA129B0FBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:-:*:*:*:*:*:*",
              "matchCriteriaId": "279C30FB-EA1C-4D1D-A37E-F1EEF79F19F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p1:*:*:*:*:*:*",
              "matchCriteriaId": "D6870C1E-E4A4-4666-89DB-D72C8100D27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p2:*:*:*:*:*:*",
              "matchCriteriaId": "BE183CA0-FFBB-4746-8BBE-5D1910DD2100",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p3:*:*:*:*:*:*",
              "matchCriteriaId": "D04B5EBF-C94C-4A44-9A7E-75623CAF832C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p4:*:*:*:*:*:*",
              "matchCriteriaId": "5723FDF4-198B-488E-B075-F528EC6E4D18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p5:*:*:*:*:*:*",
              "matchCriteriaId": "7E23A972-5BCA-4C7E-B6F9-AD54992861A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p6:*:*:*:*:*:*",
              "matchCriteriaId": "1D00AFC9-8A9C-4BB1-9E60-BC6D552DC8E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:-:*:*:*:*:*:*",
              "matchCriteriaId": "BFE4D0FF-6445-4E14-9536-ADB32662B346",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p1:*:*:*:*:*:*",
              "matchCriteriaId": "C7FC4FDA-1C8D-4D7A-B5EA-D905FA830805",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p2:*:*:*:*:*:*",
              "matchCriteriaId": "753AA0F3-09F4-4E34-8E72-FAFD8BFE18EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p3:*:*:*:*:*:*",
              "matchCriteriaId": "9AC763FD-C143-4CA3-9A24-D50C9ED243D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p4:*:*:*:*:*:*",
              "matchCriteriaId": "299C6CBE-905F-4E59-AF2F-89A1CD767916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p5:*:*:*:*:*:*",
              "matchCriteriaId": "78538461-1B7E-4712-AA8D-D2EA3477635B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p6:*:*:*:*:*:*",
              "matchCriteriaId": "E3FF46F1-EF19-49D7-9EDD-44441C1A3F94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p7:*:*:*:*:*:*",
              "matchCriteriaId": "D9F91FB6-7D8F-4D89-B6BA-2C6DF15B9A51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "5725106C-A650-4C24-9636-1200BD44CCA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p1:*:*:*:*:*:*",
              "matchCriteriaId": "F1501425-96F7-487B-9588-FDA2DAC3790A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p2:*:*:*:*:*:*",
              "matchCriteriaId": "48D95998-9434-4AFF-9983-0D7AC34176A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p3:*:*:*:*:*:*",
              "matchCriteriaId": "D60BB309-860D-4D74-B08F-F94AFE84C881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p4:*:*:*:*:*:*",
              "matchCriteriaId": "F63E864E-6323-41B4-956F-51F9364DFAE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "EC724282-7431-465E-8E60-4037121B8838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1:*:*:*:*:*:*",
              "matchCriteriaId": "73151221-C102-4425-9316-1EE4CAAB6531",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p10:*:*:*:*:*:*",
              "matchCriteriaId": "D1E9DDCD-6D22-4175-94EF-D8A5457E7355",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p11:*:*:*:*:*:*",
              "matchCriteriaId": "35AB906F-43CD-4D54-8274-1FD551532E58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p12:*:*:*:*:*:*",
              "matchCriteriaId": "1ADC75F0-B27E-4B15-B829-482FBA0063A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p13:*:*:*:*:*:*",
              "matchCriteriaId": "D015D670-8AEA-49A3-8D22-9E3009322EB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p14:*:*:*:*:*:*",
              "matchCriteriaId": "C18F3CC3-9BCF-4DE8-B7CA-59587D5E61F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p15:*:*:*:*:*:*",
              "matchCriteriaId": "E543BC0F-ADFB-4CF2-BC6C-90DC76BE3A95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p16:*:*:*:*:*:*",
              "matchCriteriaId": "28CE650B-BE03-4EDF-BE27-2FA6657F7A52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2:*:*:*:*:*:*",
              "matchCriteriaId": "2356A4E6-561B-40CA-8348-B30D581B1E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p3:*:*:*:*:*:*",
              "matchCriteriaId": "74509F3F-840E-48B8-88B1-EA4FFB90ACC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p4:*:*:*:*:*:*",
              "matchCriteriaId": "BE7BD528-628F-4CA9-9FE8-8A79BDC97680",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p5:*:*:*:*:*:*",
              "matchCriteriaId": "26118C2B-78CC-4038-9DEA-7A9417029790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p6:*:*:*:*:*:*",
              "matchCriteriaId": "29EBC1DD-6949-4B12-8CA5-EE2BCDB8C4C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p7:*:*:*:*:*:*",
              "matchCriteriaId": "4F445D93-D482-4A74-810D-66D78CBCAFED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p8:*:*:*:*:*:*",
              "matchCriteriaId": "2C9F200C-ECC9-4D51-AFE7-E99C16D09148",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p9:*:*:*:*:*:*",
              "matchCriteriaId": "56B87CB5-0F77-4040-BB58-9DBF5723A4FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4B3321B-11AD-43EB-867C-FA4FA6A5421E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB104CA-55CD-4B9E-A2F7-CC06E57663CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4975223D-9E31-4CEC-A4B6-C0996828B855",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "22E0F4A7-B8BD-42D1-92DB-2B510FFC9C36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C15C820B-4778-4B8F-8BD8-E996F1D4062D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A42E70EE-2E23-4D92-ADE0-9177B9EDD430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "01C91446-4A36-4FCE-A973-3E6F813FABC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p1:*:*:*:*:*:*",
              "matchCriteriaId": "58281E62-E350-4B0D-9322-8BA1E1773CB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p2:*:*:*:*:*:*",
              "matchCriteriaId": "BF1A152E-5795-4319-BD4D-855DE19C744C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p3:*:*:*:*:*:*",
              "matchCriteriaId": "438FCE7F-035A-4D89-96FE-EE5278C85493",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p4:*:*:*:*:*:*",
              "matchCriteriaId": "80900F2C-7CFA-4C40-A6B5-51E12C3DA187",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p5:*:*:*:*:*:*",
              "matchCriteriaId": "DDE9A060-1D4D-46E5-A34F-CC4CFA260D94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p6:*:*:*:*:*:*",
              "matchCriteriaId": "33F900E6-AE47-4789-A337-70C6BEF22895",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p7:*:*:*:*:*:*",
              "matchCriteriaId": "AD2E5054-2151-414D-A88F-6697FF280D41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "3EB09361-372E-4F51-B255-C7D2DB41969F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p1:*:*:*:*:*:*",
              "matchCriteriaId": "A36D6991-3728-4F60-A443-37652DFAA053",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p10:*:*:*:*:*:*",
              "matchCriteriaId": "4142CC4E-9F0D-4017-8D17-D59FBCEB36F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p11:*:*:*:*:*:*",
              "matchCriteriaId": "63C0F7CA-5F3C-41D4-AAD6-084643115D85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p12:*:*:*:*:*:*",
              "matchCriteriaId": "1D16C66D-15BF-4EB8-8D78-DF12A69BD7F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p13:*:*:*:*:*:*",
              "matchCriteriaId": "81C388DC-0941-4D08-8C1C-BD43D9B0DC8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p14:*:*:*:*:*:*",
              "matchCriteriaId": "45CD14D8-665A-46C5-8387-33FF266822A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p15:*:*:*:*:*:*",
              "matchCriteriaId": "D510329D-B39E-4E2B-AAEC-1FDA7869C9E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p16:*:*:*:*:*:*",
              "matchCriteriaId": "4640FE06-4D22-442E-A0E0-76EEFAF6ECB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p17:*:*:*:*:*:*",
              "matchCriteriaId": "6A846C69-CA94-4F5E-9E02-69EA6680549E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p2:*:*:*:*:*:*",
              "matchCriteriaId": "F3E63ECF-25CB-4E7F-BF51-B4D7B3541AE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p3:*:*:*:*:*:*",
              "matchCriteriaId": "FF14DD4F-6779-4B17-AB1B-D4DE58E7E231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p4:*:*:*:*:*:*",
              "matchCriteriaId": "7AAEE176-631A-41B9-BC40-93F866DA9D5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p5:*:*:*:*:*:*",
              "matchCriteriaId": "75C963D5-F2D1-49EE-93B5-CA7FE7EAB98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p6:*:*:*:*:*:*",
              "matchCriteriaId": "9388D932-9818-4A68-9543-B0643166DB2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p7:*:*:*:*:*:*",
              "matchCriteriaId": "770A9287-C910-4690-9402-0C0B7BAC8912",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p8:*:*:*:*:*:*",
              "matchCriteriaId": "3F8AC068-D5AC-4042-8A7C-5B95EA0E85F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p9:*:*:*:*:*:*",
              "matchCriteriaId": "B503F1F7-F439-420D-B465-9A51CCECAB06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27948B08-C452-41FB-B41F-6ADB3AAE087E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AB8FB4C-5BBC-420D-84F0-C8424DC25CD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAF1F14C-DB2C-40A8-B899-C127C7ECC0D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E87FA9CC-D201-430F-8FE6-8C9A88CEAB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smartcloud_provisioning:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D7F2743-71BB-4011-B919-7E8032B6B72F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:kvm:*:*:*",
              "matchCriteriaId": "3738FAC6-B90B-4014-9E86-17ED6D19D23D",
              "versionEndExcluding": "1.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:openflow:*:*:*",
              "matchCriteriaId": "35B6634E-4F09-423C-87E7-59D4127CC023",
              "versionEndExcluding": "1.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:vmware:*:*:*",
              "matchCriteriaId": "0A7A7100-A1DA-4191-A4C1-D930829A3DC2",
              "versionEndExcluding": "1.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:starter_kit_for_cloud:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "83739ED7-37F1-4712-8C81-E56F58790240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:workload_deployer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CDD227E-1F98-4F73-BB65-3820F39127F0",
              "versionEndIncluding": "3.1.0.7",
              "versionStartIncluding": "3.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "22433CE0-9772-48CE-8069-612FF3732C21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2569AA28-5C61-4BBD-A501-E1ACFA36837B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AB188A2-D7CE-4141-A55A-C074C84E366E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE4E5283-0FEE-4F37-9C41-FA695063FF79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "73EB6121-62CD-49FC-A1D2-5467B007253C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CB18F38-AC6A-406A-A4DD-40688B803744",
              "versionEndExcluding": "1.4.3.5",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE781C8-40F7-4F6D-8FED-8EB3071FE9DB",
              "versionEndExcluding": "1.5.0.4",
              "versionStartIncluding": "1.5.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5AB3395-B458-49F8-A8E3-25FF0C1C3BD3",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EC57FAE-AD4D-4C9F-97A4-581C977B5FE4",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "47A17EE0-7D3E-4CD7-984C-BB17BF6F4BFD",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A46CF2-392A-4BB9-B4BF-DE8C5228CAAE",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C4EF774-BD92-444D-9583-25DB97CDA4F3",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8753BBDB-A858-4A51-A8FD-8DF8DF2734A0",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FB9850A-3308-4277-A68C-AD418612101E",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C84D7A48-6745-49D3-AE52-31DD7EEC0D61",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A1A3A3E-5636-4422-9B7B-B3D97989E674",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7384B993-049F-48D7-86D6-FE221C783245",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1DF6129-9CEA-4812-800F-A6FD5095D60E",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79788A89-4152-4B4B-BFF0-518D90EE4D2B",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "680738C5-63D5-4F60-9610-FD0D87FCBBCA",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "872E2102-6BE6-42B6-93B0-942B7DABCBDA",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:flex_system_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DACA26CF-7C3F-4215-B032-ED9C5EFD57D8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E31991-DF33-4F00-8430-7B626E8174CE",
              "versionEndExcluding": "7.1.0.11",
              "versionStartIncluding": "1.1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2E25BB0-6F5A-4A7B-9147-D4E17014C747",
              "versionEndExcluding": "7.2.0.9",
              "versionStartIncluding": "7.2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B80C1675-4948-45DC-B593-EDB1354E42F3",
              "versionEndExcluding": "7.3.0.7",
              "versionStartIncluding": "7.3.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D84487-CEBA-48A0-9B15-A0300D992E3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CE69F8D-5EEE-4BC7-939C-CE71BCD2E11D",
              "versionEndExcluding": "3.8.0.07",
              "versionStartIncluding": "3.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDEC166F-A967-4616-B9EF-503054EFD197",
              "versionEndExcluding": "3.9.1.08",
              "versionStartIncluding": "3.9.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713E71BC-16F5-41E3-9816-74D5E8D8C9A9",
              "versionEndExcluding": "4.1.2.06",
              "versionStartIncluding": "4.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:stn6500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D2487E0-046C-476F-BFF4-EF77D9E856D8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0287F3CD-2151-491D-8BC3-6D3921BE8FFA",
              "versionEndExcluding": "3.8.0.07",
              "versionStartIncluding": "3.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4179899-87B4-42C3-8245-9A34EC04F6A1",
              "versionEndExcluding": "3.9.1.08",
              "versionStartIncluding": "3.9.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8CED766-9742-4037-8005-F0BDDE9176DD",
              "versionEndExcluding": "4.1.2.06",
              "versionStartIncluding": "4.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:stn6800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C41EEAEC-08AE-4478-8977-5A4D7B48C175",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "298C961D-5E5F-4277-B192-A4C29243BECC",
              "versionEndExcluding": "3.8.0.07",
              "versionStartIncluding": "3.8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5A76C40-BA90-4FBD-8DFF-4AF8F952963A",
              "versionEndExcluding": "3.9.1.08",
              "versionStartIncluding": "3.9.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0663FBC-01C0-4AD8-A0B8-6097E537D352",
              "versionEndExcluding": "4.1.2.06",
              "versionStartIncluding": "4.1.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:stn7800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE145DE3-3C9B-4949-B6D4-9B259372CCE0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ABC25E5-76CD-469B-879A-B1F7109D0181",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11:*:*:*:*:*:*:*",
              "matchCriteriaId": "98942F6C-330F-459A-B2B4-72572DB4070E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5A92B0C-7256-45F0-8E0C-ADFEF36CF43D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C0BAB94-6521-4B57-9E56-A57BA5E20C24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:zenworks_configuration_management:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A7788E5-93B9-4149-8823-2ACBA5CF17E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:novell:open_enterprise_server:2.0:sp3:*:*:*:linux_kernel:*:*",
              "matchCriteriaId": "B41B4ECD-6F30-46F5-A559-1CEFC7964873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:novell:open_enterprise_server:11.0:sp2:*:*:*:linux_kernel:*:*",
              "matchCriteriaId": "D42ADCD9-1455-401C-B94F-D367A78A2B97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:checkpoint:security_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2853A787-E5F1-4455-9482-7C538B80556C",
              "versionEndExcluding": "r77.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E910D60-1145-4229-9890-80D2D67C3845",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BBEF73-E87D-467F-85EB-47BE212DF0E8",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE23220D-E364-41B7-A440-43B3AA4A716A",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C483253F-841E-4D4E-9B4A-932E9D07268B",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F0E7766-BDB4-42AB-B6CC-6B4E86A10038",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06BA93C0-A7AE-4A8E-BD74-08149A204463",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E0D8F52-0EAD-4E02-A8D8-CBAE2CDC703B",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6D61BF2-69D8-4AD2-85CD-D87F640A6888",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9A06D61-E6CB-4A8A-B06D-9FEA1812C167",
              "versionEndIncluding": "11.5.1",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9828CBA5-BB72-46E2-987D-633A5B3E2AFF",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC24B891-6DBA-4C02-B4CF-8D1CA53B4B74",
              "versionEndIncluding": "4.4.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BB0FDAC-C49D-4E63-ACA9-7BAD7C93A5D2",
              "versionEndIncluding": "4.4.0",
              "versionStartIncluding": "4.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AEB1FC5-1179-4DE9-99A2-D650167A7A60",
              "versionEndIncluding": "4.4.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ADD1B04-9F78-40B3-8314-6935277073B0",
              "versionEndIncluding": "2.3.0",
              "versionStartIncluding": "2.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "482E630B-93A1-4B9B-8273-821C116ADC4F",
              "versionEndIncluding": "3.1.1",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1343FBDC-4BF0-403B-B257-96672F092263",
              "versionEndIncluding": "4.0.5",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C138527-73D3-4AEE-BFAB-1D240A585A0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F2EB3D6-EF4C-4241-A31E-3990664004A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F0CD8F8-26CE-43F0-87EB-A08F1D1EDB25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D1168D2-93D5-4415-A666-B4BE0B2AC201",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:f5:arx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48A2FBA9-207F-4F16-932D-BF0BA3440503",
              "versionEndIncluding": "6.4.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:f5:arx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C6AC80F-9D91-468D-BEE3-6A0759723673",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF1DB4B7-AFCC-4D56-95BA-C66AB7A36680",
              "versionEndExcluding": "9.3.67.5r1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "665EF643-3CDC-4518-9693-0D49F0870283",
              "versionEndExcluding": "10.1.129.11r1",
              "versionStartIncluding": "10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAE3CC45-49E5-40DE-B5C3-52A754A9C599",
              "versionEndExcluding": "10.5.52.11r1",
              "versionStartIncluding": "10.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:citrix:netscaler_sdx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8968E39A-1E16-4B7F-A16A-190EBC20D04F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "864B5480-704F-4636-A938-7D95AD4223AD",
              "versionEndExcluding": "10.10.0",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35D34345-0AD1-499C-9A74-982B2D3F305A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "3DF3F07E-6F4E-4B97-B313-7DA3E8A88451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "5C98B0EA-7A52-4BDF-90C2-38797FC2B75A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FECF06B5-3915-48F0-A140-41C7A27EE99D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "BBD8B161-0A07-492F-89E4-7A0BD02F6464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "F3E8E0E1-FF63-425D-8C22-86B16CFB7B1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:-:*:*:*:*:*:*",
              "matchCriteriaId": "29DF8DD7-B5CC-4152-A726-1D48459068D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "DB2E2AAD-E221-4227-A41B-DC01BFDFCD6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271."
    },
    {
      "lang": "es",
      "value": "GNU Bash hasta 4.3 bash43-025 procesa cadenas finales despu\u00e9s de la definici\u00f3n malformada de funciones en los valores de variables de entorno, lo que permite a atacantes remotos escribir hacia ficheros o posiblemente tener otro impacto desconocido a trav\u00e9s de un entorno manipulado, tal y como se ha demostrado por vectores que involucran la caracter\u00edstica ForceCommand en sshd OpenSSH, los m\u00f3dulos mod_cgi y mod_cgid en el Apache HTTP Server, scripts ejecutados por clientes DHCP no especificados, y otras situaciones en la cual establecer el entorno ocurre a trav\u00e9s de un l\u00edmite privilegiado de la ejecuci\u00f3n de Bash. Nota: Esta vulnerabilidad existe debido a una soluci\u00f3n incompleta para CVE-2014-6271."
    }
  ],
  "id": "CVE-2014-7169",
  "lastModified": "2025-01-06T19:35:05.427",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2014-09-25T01:55:04.367",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://advisories.mageia.org/MGASA-2014-0393.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/58200"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59272"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59737"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59907"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60024"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60034"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60044"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60055"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60063"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60193"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60325"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60433"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60947"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61065"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61128"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61129"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61188"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61283"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61287"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61291"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61312"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61313"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61328"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61442"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61471"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61479"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61485"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61503"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61550"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61552"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61565"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61603"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61618"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61619"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61622"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61626"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61633"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61641"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61643"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61654"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61676"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61700"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61703"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61711"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61715"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61780"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61816"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61855"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61857"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61873"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/62228"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/62312"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/62343"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6495"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://twitter.com/taviso/statuses/514887394294652929"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-3035"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/252743"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2363-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2363-2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/articles/1200223"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/node/1200223"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/kb/HT6535"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.citrix.com/article/CTX200217"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required"
      ],
      "url": "https://support.citrix.com/article/CTX200223"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/34879/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.suse.com/support/shellshock/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://advisories.mageia.org/MGASA-2014-0393.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://jvn.jp/en/jp/JVN55667175/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-1306.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-3075.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-3077.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://linux.oracle.com/errata/ELSA-2014-3078.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141216207813411\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141216668515282\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141235957116749\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141319209015420\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141330425327438\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383138121313\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141694386919794\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142113462216480\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1306.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1311.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1312.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1354.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2014/Oct/0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/58200"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59272"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59737"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/59907"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60024"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60055"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60063"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60193"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60325"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60433"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/60947"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61128"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61188"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61287"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61442"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61485"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61503"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61550"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61552"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61565"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61603"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61619"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61626"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61633"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61641"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61643"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61654"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61676"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61700"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61703"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61711"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61715"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61816"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61855"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/61873"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/62228"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/62312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/62343"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT6495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.novell.com/security/cve/CVE-2014-7169.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://twitter.com/taviso/statuses/514887394294652929"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685541"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685733"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685749"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686084"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686246"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686445"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686447"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686494"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687079"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-3035"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/252743"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/support/kb/doc.php?id=7015701"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/support/kb/doc.php?id=7015721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/09/24/32"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.qnap.com/i/en/support/con_show.php?cid=61"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/533593/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2363-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2363-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/ncas/alerts/TA14-268A"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2014-0010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/articles/1200223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/node/1200223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA82"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/kb/HT6535"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.citrix.com/article/CTX200217"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "https://support.citrix.com/article/CTX200223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/34879/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.suse.com/support/shellshock/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2016-05-13 16:59
Modified
2024-11-21 02:38
Severity ?
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment.
References
cve@mitre.orghttp://www.securitytracker.com/id/1035873
cve@mitre.orghttp://www.securitytracker.com/id/1035874
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1035873
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1035874
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_access_policy_manager 11.3.0
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_wan_optimization_manager 11.3.0
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_security_manager 12.0.0
f5 big-ip_link_controller 11.3.0
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.6.0
f5 big-ip_link_controller 12.0.0
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_analytics 11.3.0
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.6.0
f5 big-ip_analytics 12.0.0
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-iq_device 4.2.0
f5 big-iq_security 4.0.0
f5 big-iq_security 4.1.0
f5 big-iq_security 4.2.0
f5 big-iq_security 4.3.0
f5 big-iq_security 4.4.0
f5 big-iq_security 4.5.0
f5 big-iq_application_delivery_controller 4.5.0
f5 big-ip_edge_gateway 11.3.0
f5 big-ip_global_traffic_manager 11.3.0
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 10.2.0
f5 big-ip_local_traffic_manager 11.3.0
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 12.0.0
f5 big-iq_cloud_and_orchestration 1.0.0
f5 big-iq_cloud 4.0.0
f5 big-iq_cloud 4.1.0
f5 big-iq_cloud 4.2.0
f5 big-iq_cloud 4.3.0
f5 big-iq_cloud 4.4.0
f5 big-iq_cloud 4.5.0
f5 big-iq_centralized_management 4.6.0
f5 big-iq_device 4.2.0
f5 big-iq_device 4.3.0
f5 big-iq_device 4.4.0
f5 big-iq_device 4.5.0
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_policy_enforcement_manager 12.0.0
f5 big-ip_domain_name_system 12.0.0
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_enterprise_manager 3.0.0
f5 big-ip_enterprise_manager 3.1.0
f5 big-ip_enterprise_manager 3.1.1
f5 big-ip_edge_gateway 11.3.0
f5 big-ip_webaccelerator 11.3.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F443F1-C43F-42AD-98E4-AE11C72F363E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13753E9F-11AA-41F4-930E-BD9866D03396",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D04FC0C-5E44-4DAD-9542-C772EA35916C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE47FF9-E13D-41D3-BEA2-EF1B973CB0A9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment."
    },
    {
      "lang": "es",
      "value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller y PEM 11.3.x, 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4, 11.6.x en versiones anteriores a 11.6.1 y 12.x en versiones anteriores a 12.0.0 HF1; BIG-IP AAM 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4, 11.6.x en versiones anteriores a 11.6.1 y 12.x en versiones anteriores a 12.0.0 HF1; BIG-IP DNS 12.x en versiones anteriores a 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator y WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 y 11.6.x en versiones anteriores a 11.6.1; BIG-IP PSM 11.3.x y 11.4.x en versiones anteriores a 11.4.1 HF10; Enterprise Manager 3.0.0 hasta la versi\u00f3n 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 hasta la versi\u00f3n 4.5.0; BIG-IQ Device 4.2.0 hasta la versi\u00f3n 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; y BIG-IQ Cloud and Orchestration 1.0.0 en las plataformas 3900, 6900, 8900, 8950, 11000, 11050, PB100 y PB200, cuando las cookies del sofware SYN est\u00e1n configuradas en servidores virtuales, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cuelgue de High-Speed Bridge) a trav\u00e9s de un segmento TCP no v\u00e1lido."
    }
  ],
  "id": "CVE-2015-8099",
  "lastModified": "2024-11-21T02:38:00.867",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-05-13T16:59:05.873",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1035873"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1035874"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035873"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035874"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-03-23 14:59
Modified
2024-11-21 02:58
Severity ?
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system's tm.tcpprogressive db variable value is set to non-default setting "enabled". The default value for the tm.tcpprogressive db variable is "negotiate". An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group.
References
f5sirt@f5.comhttp://www.securityfocus.com/bid/97119Third Party Advisory, VDB Entry
f5sirt@f5.comhttp://www.securitytracker.com/id/1038121
f5sirt@f5.comhttps://support.f5.com/csp/article/K13053402Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/97119Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1038121
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K13053402Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.5.4
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.5.4
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.5.4
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.5.4
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.5.4
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.5.4
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.5.4
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.5.4
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.5.4
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system\u0027s tm.tcpprogressive db variable value is set to non-default setting \"enabled\". The default value for the tm.tcpprogressive db variable is \"negotiate\". An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group."
    },
    {
      "lang": "es",
      "value": "Un atacante remoto no autenticado puede ser capaz de interrumpir los servicios en los dispositivos F5 BIG-IP 11.4.1 - 11.5.4 con con tr\u00e1fico red maliciosamente manipulado. Esta vulnerabilidad afecta a los servidores virtuales asociados con perfiles TCP cuando el valor de variable de sistema BIG-IP tm.tcpprogressive db est\u00e1 configurado como ajuste predeterminado \"habilitado\". El valor por defecto para la variable tm.tcpprogressive db es \"negotiate\". Un atacante puede ser capaz de interrumpir el tr\u00e1fico o provocar que el sistema BIG-IP haga un failover a otro dispositivo del grupo de dispositivos."
    }
  ],
  "id": "CVE-2016-7468",
  "lastModified": "2024-11-21T02:58:03.943",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-03-23T14:59:00.143",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97119"
    },
    {
      "source": "f5sirt@f5.com",
      "url": "http://www.securitytracker.com/id/1038121"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K13053402"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97119"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1038121"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K13053402"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-04-13 13:29
Modified
2024-11-21 03:29
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or 11.2.1, malformed SPDY or HTTP/2 requests may result in a disruption of service to TMM. Data plane is only exposed when a SPDY or HTTP/2 profile is attached to a virtual server. There is no control plane exposure.
References
f5sirt@f5.comhttps://support.f5.com/csp/article/K10930474Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K10930474Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 13.0.0
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager 11.2.1
f5 big-ip_application_acceleration_manager 13.0.0
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager 11.2.1
f5 big-ip_advanced_firewall_manager 13.0.0
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 13.0.0
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 13.0.0
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_edge_gateway 13.0.0
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 13.0.0
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager 11.2.1
f5 big-ip_policy_enforcement_manager 13.0.0
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 13.0.0
f5 big-ip_websafe *
f5 big-ip_websafe *
f5 big-ip_websafe *
f5 big-ip_websafe 11.2.1
f5 big-ip_websafe 13.0.0
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 13.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E3612B2-6722-4833-A386-DFBE4F957126",
              "versionEndIncluding": "11.5.5",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "597AB2D4-B0E0-4437-9298-C9FC2E34247E",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CD4DFE3-9071-4808-AE24-2CCA5DB5BA80",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA7D64DC-7271-4617-BD46-99C8246779CA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2591686E-97C4-465F-A725-0037A193C44F",
              "versionEndIncluding": "11.5.5",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ECBB647-0E28-4A45-8E49-A02C4974B6A9",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D00EED-F95D-4458-BDC4-3390DE85348B",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "05EAC483-AD5B-41C2-98F1-A186E2DCB04E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "424205B0-5E73-4AF2-860A-52129B9734D3",
              "versionEndIncluding": "11.5.5",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C838ECE-BCC6-4D71-A36B-CF053A95BD5C",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5011C2D-FBB5-4117-BB97-11DE70117345",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FDC1C0F-A00A-456C-AB51-CD139B15CB61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C4E5F36-434B-48E1-9715-4EEC22FB23D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5800062B-A845-449E-AB3A-86F5A89E6428",
              "versionEndIncluding": "11.5.5",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DEB3F5D-E82B-4B0F-9EF2-0CC7CCCE3E2F",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BB42D3A-71EE-4367-9F65-86404D74E59D",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF89E7C-806E-4800-BAA9-0225433B6C56",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "39403241-7F3D-44F3-8F56-576DCABB28CB",
              "versionEndIncluding": "11.5.5",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BE301F2-BF84-4B0D-BD32-F58899A93106",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "397AC4A5-B67C-483B-84F7-8CB294BB460C",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7569977A-E567-4115-B00C-4B0CBA86582E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4832316-B149-4316-8D86-DF7C12154979",
              "versionEndIncluding": "11.5.5",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "730BC966-10B2-4A2E-BF12-EC4DE70DE968",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A11E433-943D-4D92-B45E-3FA268094278",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D3374BE-6A37-48B5-83D4-D61558A8433E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "65560D3E-3AFD-4D3D-8EFF-E277836D5651",
              "versionEndIncluding": "11.5.5",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9984B71A-89EA-4E5E-8E4D-1EA3D06F003F",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60189636-02D6-44CA-BE2A-7777E3C409CD",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2C4414E-8016-48B5-8CC3-F97FF2D85922",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "573B289C-DFB1-4AE0-A792-0F591D407200",
              "versionEndIncluding": "11.5.5",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BC5F967-BD7E-4B43-BB24-07B66A7006D9",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AD75094-3248-4D37-969E-75272F6F31D6",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D964BBB4-B343-43C6-A7A1-39BD9E1EEA16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "42821916-E601-4831-B37B-3202ACF2C562",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5224C47E-1765-4E8A-BF6A-268DB70617B8",
              "versionEndIncluding": "11.5.5",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "725BAE35-A9A3-4AEF-BAC1-18D445D241D5",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7860523-E8B3-4BEE-853A-6F0B5BCDDA5A",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E703FAB-BFCD-47A1-94BD-DD63879DE883",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3039312F-757B-4441-9108-2BF369C5A500",
              "versionEndIncluding": "11.5.5",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2F2D318-6CE1-471C-AF57-8D790000962C",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "937055BD-53FC-4D8E-B965-D676AA5ABA4C",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFD9136F-100A-4747-84B7-33D6D8905DDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2E56D76-1A89-46AB-9C17-CB24662FFDE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFD9C447-ABE5-4ED0-9D2D-4D776C07BC7C",
              "versionEndIncluding": "11.5.5",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C91C5E5-575B-429D-A73F-308E2D383441",
              "versionEndIncluding": "11.6.2",
              "versionStartIncluding": "11.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBE27AF5-E86D-4ABD-B5A5-B91097EDFB46",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:13.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A12C123A-DBE7-4B9B-8DCC-EA3BA063652E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or 11.2.1, malformed SPDY or HTTP/2 requests may result in a disruption of service to TMM. Data plane is only exposed when a SPDY or HTTP/2 profile is attached to a virtual server. There is no control plane exposure."
    },
    {
      "lang": "es",
      "value": "En F5 BIG-IP, en su versi\u00f3n 13.0.0, de la versi\u00f3n 12.0.0 a la 12.1.3.1, de la versi\u00f3n 11.6.0 a la 11.6.2, la versi\u00f3n 11.4.1a la 11.5.5 o en la versi\u00f3n 11.2.1, las peticiones SPDY o HTTP/2 mal formadas podr\u00edan resultar en una interrupci\u00f3n del servicio en TMM. El plano de datos solo se ve expuesto cuando se adjunta un perfil SPDY o HTTP/2 a un servidor virtual. No hay ninguna exposici\u00f3n del plano de control."
    }
  ],
  "id": "CVE-2017-6155",
  "lastModified": "2024-11-21T03:29:09.487",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-13T13:29:00.330",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K10930474"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K10930474"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-12-24 17:30
Modified
2024-11-21 01:09
Severity ?
Summary
Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information.
References
cve@mitre.orghttp://osvdb.org/61297
cve@mitre.orghttp://secunia.com/advisories/37805Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/37452
cve@mitre.orghttp://www.securitytracker.com/id?1023386
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/3627Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/55005
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/61297
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37805Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/37452
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1023386
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/3627Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/55005
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html
Impacted products
Vendor Product Version
f5 big-ip_protocol_security_module 10.0.0
f5 big-ip_application_security_manager 9.4.4
f5 big-ip_application_security_manager 9.4.5
f5 big-ip_application_security_manager 9.4.6
f5 big-ip_application_security_manager 9.4.7
f5 big-ip_application_security_manager 10.0.0
f5 big-ip_application_security_manager 10.0.1
f5 big-ip_protocol_security_manager 9.4.5
f5 big-ip_protocol_security_manager 9.4.6
f5 big-ip_protocol_security_manager 9.4.7
f5 big-ip_protocol_security_manager 10.0.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2691943C-1FD1-43EE-B070-E35710E426ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEABC433-37BD-4A53-A872-92564807F022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "409B66AC-292F-426D-A908-D6D865A25CA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEAA4B9A-B1FB-4273-A0B3-A69F49D940D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:9.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "44D22108-C65D-4BB4-8141-B05F053863BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B42FE789-9F15-4450-B1B8-7D2A044A26A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_application_security_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B598A78-EF2C-461F-844E-84B0971A2F5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AE2CC21-3B8B-443B-A427-482B8A9D80DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "50191BEE-7001-43DC-8AEE-01E233594752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:9.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "178C7BDD-639E-4472-BEDE-9187CD50DA4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B38707-9BD0-4E41-93A4-CCDDF1E8BC73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors.  NOTE: some of these details are obtained from third party information."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer en el demonio bd en F5 Networks BIG-IP Application Security Manager (ASM) v9.4.4 hasta v9.4.7 y v10.0.0 hasta v10.0.1, y Protocol Security Manager (PSM) v9.4.5 hasta v9.4.7 y v10.0.0 hasta v10.0.1, permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de vectores desconocidos. NOTA: algunos de estos detalles se han obtenido de informaci\u00f3n de terceros."
    }
  ],
  "id": "CVE-2009-4420",
  "lastModified": "2024-11-21T01:09:36.150",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-12-24T17:30:00.280",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/61297"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37805"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/37452"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1023386"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3627"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/61297"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37805"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/37452"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1023386"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3627"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-02-09 15:59
Modified
2024-11-21 03:00
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer (SSL) session IDs from other sessions. It is possible that other data from uninitialized memory may be returned as well.
References
f5sirt@f5.comhttp://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.html
f5sirt@f5.comhttp://www.securityfocus.com/bid/96143
f5sirt@f5.comhttp://www.securitytracker.com/id/1037800Third Party Advisory, VDB Entry
f5sirt@f5.comhttps://blog.filippo.io/finding-ticketbleed/
f5sirt@f5.comhttps://filippo.io/Ticketbleed/
f5sirt@f5.comhttps://github.com/0x00string/oldays/blob/master/CVE-2016-9244.py
f5sirt@f5.comhttps://support.f5.com/csp/article/K05121675Mitigation, Vendor Advisory
f5sirt@f5.comhttps://www.exploit-db.com/exploits/41298/
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/96143
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1037800Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://blog.filippo.io/finding-ticketbleed/
af854a3a-2127-422b-91ae-364da2661108https://filippo.io/Ticketbleed/
af854a3a-2127-422b-91ae-364da2661108https://github.com/0x00string/oldays/blob/master/CVE-2016-9244.py
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K05121675Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/41298/
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.5.4
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 11.6.1
f5 big-ip_local_traffic_manager 12.0.0
f5 big-ip_local_traffic_manager 12.1.0
f5 big-ip_local_traffic_manager 12.1.1
f5 big-ip_local_traffic_manager 12.1.2
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.5.4
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_acceleration_manager 11.6.1
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_application_acceleration_manager 12.1.0
f5 big-ip_application_acceleration_manager 12.1.1
f5 big-ip_application_acceleration_manager 12.1.2
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.5.4
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_advanced_firewall_manager 11.6.1
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_advanced_firewall_manager 12.1.0
f5 big-ip_advanced_firewall_manager 12.1.1
f5 big-ip_advanced_firewall_manager 12.1.2
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.5.4
f5 big-ip_analytics 11.6.0
f5 big-ip_analytics 11.6.1
f5 big-ip_analytics 12.0.0
f5 big-ip_analytics 12.1.0
f5 big-ip_analytics 12.1.1
f5 big-ip_analytics 12.1.2
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.5.4
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 11.6.1
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_access_policy_manager 12.1.0
f5 big-ip_access_policy_manager 12.1.1
f5 big-ip_access_policy_manager 12.1.2
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.5.4
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_security_manager 11.6.1
f5 big-ip_application_security_manager 12.0.0
f5 big-ip_application_security_manager 12.1.0
f5 big-ip_application_security_manager 12.1.1
f5 big-ip_application_security_manager 12.1.2
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.5.4
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_global_traffic_manager 11.6.1
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.5.4
f5 big-ip_link_controller 11.6.0
f5 big-ip_link_controller 11.6.1
f5 big-ip_link_controller 12.0.0
f5 big-ip_link_controller 12.1.0
f5 big-ip_link_controller 12.1.1
f5 big-ip_link_controller 12.1.2
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.5.4
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_policy_enforcement_manager 11.6.1
f5 big-ip_policy_enforcement_manager 12.0.0
f5 big-ip_policy_enforcement_manager 12.1.0
f5 big-ip_policy_enforcement_manager 12.1.1
f5 big-ip_policy_enforcement_manager 12.1.2
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82C7B1C-E195-4D94-B604-78FB464C4F81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F6C3144-D0DE-4248-BFCD-04A7E6104044",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0357B5ED-0600-4756-93E5-692987068596",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BE0210-7058-462A-BA17-845D3E4F52FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECA90FB8-E2CD-400F-B753-1B482E7FAC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FEC804B-35DB-4A0C-9AEA-15527E0CC1B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEB228A9-0C01-4531-B2B2-38BB7B0E02E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBAB92C5-2D50-49CC-AECA-0D16BC44A788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC827031-CA39-4081-8CE0-30EAC78DF756",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7569903B-3A15-4A10-863B-6828337DD268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "45825991-D17D-42F1-87B4-7DF86B098B45",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A065BC0-56BD-4665-A860-EBA37F1A4D8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "77192AFB-B612-4BAA-916C-3DF8E851CC2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE295AF6-2B35-467F-8501-B5753CDDE16C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3C03B68-914F-4DB0-A832-B626B8746524",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2044C-AC6F-4145-B1A0-8EB26DCF1F8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FC866D4-CE8C-4408-AD1E-8643AC554CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7563D979-BE37-4251-B92E-0DBDBE53F3FF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB2118A-0F9C-4273-BB07-85FEA32C785B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8541C9EF-69A8-4641-B173-3BCE0EDD20A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E24A3C71-0075-4738-B114-267337D050CD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "911BB6DB-B2D1-4855-A65C-F0799E034358",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C641B4F-DCFF-4A1B-9E00-EDF18A270241",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBBB6E7C-DA1A-479F-9DD2-DE0C3CA82E92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4913B437-33FF-4B5E-A855-9DA00B35E3B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDCFE65B-340B-4F7D-93A1-4390BBC8E67F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1EA4F45-35F7-4687-8D1A-A5ACD846500A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "64273A2C-E5A1-4605-92DD-EBECC7F051D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E60CA151-1C3A-45B3-B939-E6F80063C595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "58BAD5A9-9C67-4056-9344-07C8C42C8E88",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer (SSL) session IDs from other sessions. It is possible that other data from uninitialized memory may be returned as well."
    },
    {
      "lang": "es",
      "value": "Un servidor virtual BIG-IP configurado con un perfil Client SSL que tiene la opci\u00f3n Session Tickets no predeterminada habilitada podr\u00eda perder hasta 31 portes de la memoria no inicializada. Un atacante remoto puede explotar esta vulnerabilidad para obtener los IDs de sesi\u00f3n Secure Sockets Layer (SSL) de otras sesiones. Es posible que otros datos de la memoria no inicializada pueda ser devuelta tambi\u00e9n."
    }
  ],
  "id": "CVE-2016-9244",
  "lastModified": "2024-11-21T03:00:50.517",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-02-09T15:59:01.300",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "url": "http://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.html"
    },
    {
      "source": "f5sirt@f5.com",
      "url": "http://www.securityfocus.com/bid/96143"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037800"
    },
    {
      "source": "f5sirt@f5.com",
      "url": "https://blog.filippo.io/finding-ticketbleed/"
    },
    {
      "source": "f5sirt@f5.com",
      "url": "https://filippo.io/Ticketbleed/"
    },
    {
      "source": "f5sirt@f5.com",
      "url": "https://github.com/0x00string/oldays/blob/master/CVE-2016-9244.py"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K05121675"
    },
    {
      "source": "f5sirt@f5.com",
      "url": "https://www.exploit-db.com/exploits/41298/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/96143"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://blog.filippo.io/finding-ticketbleed/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://filippo.io/Ticketbleed/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/0x00string/oldays/blob/master/CVE-2016-9244.py"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K05121675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/41298/"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-03-27 15:59
Modified
2024-11-21 02:58
Severity ?
5.5 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information.
References
f5sirt@f5.comhttp://www.securityfocus.com/bid/97198
f5sirt@f5.comhttp://www.securitytracker.com/id/1038133
f5sirt@f5.comhttps://support.f5.com/csp/article/K52180214Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/97198
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1038133
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K52180214Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.5.4
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 11.6.1
f5 big-ip_local_traffic_manager 12.0.0
f5 big-ip_local_traffic_manager 12.1.0
f5 big-ip_local_traffic_manager 12.1.1
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.5.4
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_acceleration_manager 11.6.1
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_application_acceleration_manager 12.1.0
f5 big-ip_application_acceleration_manager 12.1.1
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.5.4
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_advanced_firewall_manager 11.6.1
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_advanced_firewall_manager 12.1.0
f5 big-ip_advanced_firewall_manager 12.1.1
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.5.4
f5 big-ip_analytics 11.6.0
f5 big-ip_analytics 11.6.1
f5 big-ip_analytics 12.0.0
f5 big-ip_analytics 12.1.0
f5 big-ip_analytics 12.1.1
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.5.4
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 11.6.1
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_access_policy_manager 12.1.0
f5 big-ip_access_policy_manager 12.1.1
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.5.4
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_security_manager 11.6.1
f5 big-ip_application_security_manager 12.0.0
f5 big-ip_application_security_manager 12.1.0
f5 big-ip_application_security_manager 12.1.1
f5 big-ip_domain_name_system 12.0.0
f5 big-ip_domain_name_system 12.1.0
f5 big-ip_domain_name_system 12.1.1
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.5.4
f5 big-ip_link_controller 11.6.0
f5 big-ip_link_controller 11.6.1
f5 big-ip_link_controller 12.0.0
f5 big-ip_link_controller 12.1.0
f5 big-ip_link_controller 12.1.1
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.5.4
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_policy_enforcement_manager 11.6.1
f5 big-ip_policy_enforcement_manager 12.0.0
f5 big-ip_policy_enforcement_manager 12.1.0
f5 big-ip_policy_enforcement_manager 12.1.1
f5 big-ip_websafe 11.6.0
f5 big-ip_websafe 11.6.1
f5 big-ip_websafe 12.0.0
f5 big-ip_websafe 12.1.0
f5 big-ip_websafe 12.1.1
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.5.4
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_global_traffic_manager 11.6.1
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_webaccelerator 11.2.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82C7B1C-E195-4D94-B604-78FB464C4F81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F6C3144-D0DE-4248-BFCD-04A7E6104044",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BE0210-7058-462A-BA17-845D3E4F52FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECA90FB8-E2CD-400F-B753-1B482E7FAC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FEC804B-35DB-4A0C-9AEA-15527E0CC1B1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBAB92C5-2D50-49CC-AECA-0D16BC44A788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC827031-CA39-4081-8CE0-30EAC78DF756",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7569903B-3A15-4A10-863B-6828337DD268",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A065BC0-56BD-4665-A860-EBA37F1A4D8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "77192AFB-B612-4BAA-916C-3DF8E851CC2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE295AF6-2B35-467F-8501-B5753CDDE16C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2044C-AC6F-4145-B1A0-8EB26DCF1F8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FC866D4-CE8C-4408-AD1E-8643AC554CC9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB2118A-0F9C-4273-BB07-85FEA32C785B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8541C9EF-69A8-4641-B173-3BCE0EDD20A8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DD7394-BD0A-42FD-A367-827F35397A20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "98509F74-301A-4D1F-A2B4-B01B80CEFFCA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C641B4F-DCFF-4A1B-9E00-EDF18A270241",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBBB6E7C-DA1A-479F-9DD2-DE0C3CA82E92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4913B437-33FF-4B5E-A855-9DA00B35E3B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1EA4F45-35F7-4687-8D1A-A5ACD846500A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "64273A2C-E5A1-4605-92DD-EBECC7F051D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E60CA151-1C3A-45B3-B939-E6F80063C595",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "228D5DA1-C78A-4E05-997A-50F6C1B59593",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "452C59B8-230D-4FC0-B76D-FA6E381E3713",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EE1EEA6-1E25-4A90-91A1-386D19808557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A05340-0AE2-49CA-903F-44383421577E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "583F134E-1616-44F2-8EF0-0CFA5CCEF0AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "911BB6DB-B2D1-4855-A65C-F0799E034358",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information."
    },
    {
      "lang": "es",
      "value": "En algunos casos la cach\u00e9 binaria MCPD en dispositivos F5 BIG-IP pueden permitir a un usuario con acceso Advanced Shell, o privilegios generar un qkview, para obtener temporalmente informaci\u00f3n normalmente irrecuperable."
    }
  ],
  "id": "CVE-2016-7474",
  "lastModified": "2024-11-21T02:58:04.357",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-03-27T15:59:00.310",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "url": "http://www.securityfocus.com/bid/97198"
    },
    {
      "source": "f5sirt@f5.com",
      "url": "http://www.securitytracker.com/id/1038133"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K52180214"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/97198"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1038133"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K52180214"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-10-31 14:29
Modified
2024-11-21 03:50
Severity ?
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 6.0.0-6.0.1, 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.0.1-2.3.0, or Enterprise Manager 3.1.1 a BIG-IP user granted with tmsh access may cause the BIG-IP system to experience denial-of-service (DoS) when the BIG-IP user uses the tmsh utility to run the edit cli preference command and proceeds to save the changes to another filename repeatedly. This action utilises storage space on the /var partition and when performed repeatedly causes the /var partition to be full.
References
f5sirt@f5.comhttps://support.f5.com/csp/article/K28003839Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K28003839Mitigation, Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 enterprise_manager 3.1.1
f5 big-iq_centralized_management *
f5 big-iq_centralized_management *
f5 big-iq_centralized_management 4.6.0
f5 big-iq_cloud_and_orchestration 1.0.0
f5 iworkflow *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0740491-CFC6-4D53-A39F-3244710282D0",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F9094D4-087E-45D8-AD7B-A2FA1BF1E2F8",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D746D9C6-28DE-4170-9F08-16C58F160752",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFECB54D-C240-495E-A97B-6694BB992C9D",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "88880F08-386C-4BC3-952D-DD1665D8B1EB",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41D7E35D-EAC4-4D00-BB52-19414EEDD286",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8478F27-F451-4C94-9D45-9FCF30B6EB84",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6F24FC1-B549-48F9-AF0E-AB441E5EE4B4",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C47559FB-EC85-4A3A-B967-0BD37934B33D",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40C7F0AE-F55C-42D9-A6EF-1A0D53FFD4DE",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F63A24-36A9-4C90-B73B-131A5658C4C1",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE608E62-F3E2-405C-8239-760A7C1E1527",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3EDF519-7610-4223-BBD7-B75438ACD8B2",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "39C62474-8F2E-4394-8B9E-FB06F8CE95C4",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA46825-0425-4C7D-B846-05E6D4081F51",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05456A39-5301-421B-853A-4651E1B13DE8",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1C0F266-7321-4BBC-B5C6-8D25DCC1715F",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F51999-6742-445C-936B-C2873C5F27CB",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A537300-3211-4136-89C7-B99AD4F13B8C",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F921FE3-B481-4552-AE7C-FEE05DB6D301",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28DE49F7-E999-4D3F-8767-A2C3615DF780",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21A5DC79-66A0-4195-9A19-42FD2B5D7941",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "897F4A4D-D2E2-4171-8ECA-7E981034DE16",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F95F43-BF52-423E-9B1A-55D6B7262A57",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC852AA9-7C30-44D8-A964-07DF817A4FF2",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ABCEA29-0EDF-4D41-BB61-F2C293A5A2E2",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB32AD06-69AF-4289-B854-ED9141E76582",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "31C5842B-0261-4CDB-888E-329FF7D73108",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B73F018-4FAD-48B3-9806-FC827787E323",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D11EBE7-741F-4585-962F-99EAA29C1F0E",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "55366FD7-D7BA-4D36-AC5D-1B822940842F",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63E2912-58B9-4541-8E5D-993F73AB74F1",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC818DB1-C85A-47A3-ABE2-0FFCD7AC3E40",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11876D9C-0082-454A-8254-B5FD74E87719",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C050740-2FD3-474D-A09A-C122F031342F",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C21FA11D-0C58-4DF7-85E0-5E8E7B1F14A8",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB7193B-3BEF-4920-9893-FF196E785850",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2680D4AD-CCD0-4964-8D8F-CF1FCDA2BEC3",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FC80682-E373-4508-A297-EA19BF62BABA",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42E368FA-5A85-428E-B63D-FD027CD46E8E",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E5B875A-ACFE-4C98-B6C4-5A6262C09E23",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A00660C1-7A1C-42CF-A829-503DC2EC08E0",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EBEBCB3-AF9E-4049-980D-E87B756D6D51",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34EC5593-4293-4D2A-A110-25D371F3E281",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ED25E87-39BC-4D15-B37A-FCBE97F7D3D2",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49F45207-07ED-4DF8-ABDA-4AD3E9CA26D1",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B885F0E9-8019-4053-AAAA-2C136D55FB71",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6217D65D-B15B-426B-8692-BA461BB57663",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "56181224-56D4-43BE-A296-52DF599A2BD5",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D43A55D-E9D4-45A3-8B41-B4B22BE4A536",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D655B3FF-5173-4850-B94C-B864E2115D95",
              "versionEndIncluding": "11.5.6",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "91F78D2C-DC7C-4B1C-AB44-3CB810240D42",
              "versionEndIncluding": "11.6.3.2",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6355263D-8407-466D-BB71-CB6316EDC668",
              "versionEndIncluding": "12.1.3.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9479031-90AA-4C1D-B14C-CDFFBC99CCDE",
              "versionEndIncluding": "13.1.0.7",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "559900D6-7E43-4D2F-9167-BDB04DD5D0DB",
              "versionEndIncluding": "5.4.0",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AC93C0F-AA5B-4A2B-B205-26F65BCA6780",
              "versionEndIncluding": "6.0.1",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:iworkflow:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "015D8D65-126B-4958-8EE2-291487AD4C9B",
              "versionEndIncluding": "2.3.0",
              "versionStartIncluding": "2.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 6.0.0-6.0.1, 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.0.1-2.3.0, or Enterprise Manager 3.1.1 a BIG-IP user granted with tmsh access may cause the BIG-IP system to experience denial-of-service (DoS) when the BIG-IP user uses the tmsh utility to run the edit cli preference command and proceeds to save the changes to another filename repeatedly. This action utilises storage space on the /var partition and when performed repeatedly causes the /var partition to be full."
    },
    {
      "lang": "es",
      "value": "En BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2 o 11.2.1-11.5.6; BIG-IQ Centralized Management 6.0.0-6.0.1, 5.0.0-5.4.0 o 4.6.0; BIG-IQ Cloud and Orchestration 1.0.0; iWorkflow 2.0.1-2.3.0 o Enterprise Manager 3.1.1, un usuario BIG-IP con acceso tmsh podr\u00eda provocar que el sistema BIG-IP experimente una denegaci\u00f3n de servicio (DoS) cuando este usuario emplea la utilidad tmsh para ejecutar el comando de preferencias edit cli y guarda los cambios repetidamente en otro nombre de archivo. Esta acci\u00f3n emplea almacenamiento de la partici\u00f3n /var y, cuando se realiza repetidamente, provoca que la partici\u00f3n /var se llene."
    }
  ],
  "id": "CVE-2018-15322",
  "lastModified": "2024-11-21T03:50:33.577",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-31T14:29:00.517",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K28003839"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K28003839"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2015-11-06 18:59
Modified
2024-11-21 02:36
Severity ?
Summary
The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1.0 through 11.4.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ ADC 4.5.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to cause a denial of service or gain privileges by leveraging permission to upload and execute code.
References
cve@mitre.orghttp://www.securitytracker.com/id/1034025
cve@mitre.orghttp://www.securitytracker.com/id/1034026
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1034025
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1034026
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 big-iq_device 4.2.0
f5 big-iq_device 4.3.0
f5 big-iq_device 4.4.0
f5 big-iq_device 4.5.0
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_global_traffic_manager 11.1.0
f5 big-ip_global_traffic_manager 11.2.0
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.3.0
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_analytics 11.1.0
f5 big-ip_analytics 11.2.0
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.3.0
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.6.0
f5 big-ip_link_controller 11.1.0
f5 big-ip_link_controller 11.2.0
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.3.0
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.6.0
f5 big-ip_webaccelerator 11.1.0
f5 big-ip_webaccelerator 11.2.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.3.0
f5 big-ip_application_security_manager 11.1.0
f5 big-ip_application_security_manager 11.2.0
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.6.0
f5 big-iq_security 4.0.0
f5 big-iq_security 4.1.0
f5 big-iq_security 4.2.0
f5 big-iq_security 4.3.0
f5 big-iq_security 4.4.0
f5 big-iq_security 4.5.0
f5 big-ip_wan_optimization_manager 11.1.0
f5 big-ip_wan_optimization_manager 11.2.0
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_wan_optimization_manager 11.3.0
f5 big-ip_edge_gateway 11.1.0
f5 big-ip_edge_gateway 11.2.0
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_edge_gateway 11.3.0
f5 big-ip_access_policy_manager 11.1.0
f5 big-ip_access_policy_manager 11.2.0
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.3.0
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_enterprise_manager 3.0.0
f5 big-ip_enterprise_manager 3.1.0
f5 big-ip_enterprise_manager 3.1.1
f5 big-ip_application_acceleration_manager 11.4.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_protocol_security_module 11.1.0
f5 big-ip_protocol_security_module 11.2.0
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-iq_cloud 4.0.0
f5 big-iq_cloud 4.1.0
f5 big-iq_cloud 4.2.0
f5 big-iq_cloud 4.3.0
f5 big-iq_cloud 4.4.0
f5 big-iq_cloud 4.5.0
f5 big-ip_local_traffic_manager 11.1.0
f5 big-ip_local_traffic_manager 11.2.0
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.3.0
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-iq_adc 4.5.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8D9A5-0C91-4458-8554-13947FD8B116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B171AA24-6500-43D8-9167-BA9BA57682E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF199950-9564-4CF2-BC74-F9E1C28AC377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A613D29A-9C7F-49A5-98E4-8477A1FF7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "792625FF-276B-4972-8915-4571C9E26BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE20D0B7-E96B-448E-B80D-0D596248B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8FCFDA-703B-42DC-91FF-00066E88E49D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA49611-A8E4-454E-98AD-B64C0202838F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C31572-6C40-4621-AB57-6768DE0D59A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4617DC7B-07BA-4805-9789-CFDBA8535214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0303BEA3-02EB-4F7C-96C5-29E231832CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CAD4CD-9228-4DE5-A333-2862AC18F24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B59396A-EAFF-41D4-874F-4CA91D901807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C14C5-B23C-4CE3-8FF0-52741CBB602E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A085285-329B-4EF0-ABFB-238655E9E82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591F627-3C86-4904-9236-6936D533ED75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F3BF3A-DC42-45F4-99C0-DF71DB1A9E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "002333F5-2864-434F-AC94-9C644098F95C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13753E9F-11AA-41F4-930E-BD9866D03396",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D04FC0C-5E44-4DAD-9542-C772EA35916C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE47FF9-E13D-41D3-BEA2-EF1B973CB0A9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "974C5213-99F7-4E8A-AC6A-8759697F19C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8600FF27-4407-4755-A1E3-5648D9ACCB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A84AF1-A18E-4AFD-B85E-49CE46A548D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D88F8F3B-DD8B-4BB3-BB68-C43583318400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677AF16-146D-41A5-ABF3-56DB9C0D6CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A53EC8-8E16-42DC-9FD8-58493C5D1EC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB299B4-5893-4D91-8E5B-09BDFDB86FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9768142-C554-44DE-B8D5-45CB51E3C34C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1.0 through 11.4.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ ADC 4.5.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to cause a denial of service or gain privileges by leveraging permission to upload and execute code."
    },
    {
      "lang": "es",
      "value": "El m\u00f3dulo del kernel datastor en F5 BIG-IP Analytics, APM, ASM, Link Controller y LTM 11.1.0 en versiones anteriores a 12.0.0, BIG-IP AAM 11.4.0 en versiones anteriores a 12.0.0, BIG-IP AFM, PEM 11.3.0 en versiones anteriores a 12.0.0, BIG-IP Edge Gateway, WebAccelerator y WOM 11.1.0 hasta la versi\u00f3n 11.3.0, BIG-IP GTM 11.1.0 hasta la versi\u00f3n 11.6.0, BIG-IP PSM 11.1.0 hasta la versi\u00f3n 11.4.1, BIG-IQ Cloud and Security 4.0.0 hasta la versi\u00f3n 4.5.0, BIG-IQ Device 4.2.0 hasta la versi\u00f3n 4.5.0, BIG-IQ ADC 4.5.0 y Enterprise Manager 3.0.0 hasta la versi\u00f3n 3.1.1 permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio u obtener privilegios mediante el aprovechamiento de permisos para cargar y ejecutar c\u00f3digo."
    }
  ],
  "id": "CVE-2015-7394",
  "lastModified": "2024-11-21T02:36:42.863",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-11-06T18:59:03.407",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1034025"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1034026"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034025"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/17000/400/sol17407.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2016-08-26 14:59
Modified
2024-11-21 02:53
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic.
References
cve@mitre.orghttp://www.securityfocus.com/bid/92670Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1036624Third Party Advisory, VDB Entry
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/92670Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1036624Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_analytics 11.2.1
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.5.4
f5 big-ip_analytics 11.6.0
f5 big-ip_analytics 12.0.0
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.5.4
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_security_manager 12.0.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.5.4
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_domain_name_system 12.0.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.5.4
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_policy_enforcement_manager 12.0.0
f5 big-ip_wan_optimization_manager 11.2.1
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.5.4
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.5.4
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.5.4
f5 big-ip_link_controller 11.6.0
f5 big-ip_link_controller 12.0.0
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.5.4
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.5.4
f5 big-ip_link_controller 11.6.0
f5 big-ip_link_controller 12.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "867B2CA9-DAE5-4070-B8E6-F624C59F5054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FBA20ED-08F5-4C35-991A-0DBC6BEAECC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic."
    },
    {
      "lang": "es",
      "value": "Servidores virtuales en sistemas F5 BIG-IP 11.2.1 HF11 hasta la versi\u00f3n HF15, 11.4.1 HF4 hasta la versi\u00f3n HF10, 11.5.3 hasta la versi\u00f3n 11.5.4, 11.6.0 HF5 hasta la versi\u00f3n HF7 y 12.0.0, cuando se configura con un perfil TCP, permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de Traffic Management Microkernel) a trav\u00e9s de tr\u00e1fico de red manipulado."
    }
  ],
  "id": "CVE-2016-5023",
  "lastModified": "2024-11-21T02:53:28.287",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-08-26T14:59:01.277",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/92670"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036624"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/92670"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036624"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-03-28 21:29
Modified
2024-11-21 04:46
Severity ?
6.8 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge.
References
f5sirt@f5.comhttps://support.f5.com/csp/article/K26455071Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K26455071Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager 14.0.0
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager 14.0.0
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager 14.0.0
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway 14.0.0
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service 14.0.0
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager 14.0.0
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller 14.0.0
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager 14.0.0
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager 14.0.0
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_manager *
f5 big-ip_protocol_security_manager *
f5 big-ip_protocol_security_manager *
f5 big-ip_protocol_security_manager 14.0.0
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics 14.0.0
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager 14.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34520974-8346-4012-B191-F9F3B49C9A87",
              "versionEndIncluding": "11.5.8",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B60D2B3-22C5-49CA-BB8A-7BBFE60CAFB5",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BB42D3A-71EE-4367-9F65-86404D74E59D",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1331467F-B278-485E-AD91-7D0643C2F3DB",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44E8F4B6-ACF1-4F2C-A2A4-DF7382CCE628",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "578794C1-5D60-4413-A713-95B1876344F9",
              "versionEndIncluding": "11.5.8",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F90EFF1C-6B26-4419-B7B0-0AE8A34B06A1",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5011C2D-FBB5-4117-BB97-11DE70117345",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E866C4E5-D739-4352-9B6D-9753B4C78A24",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1FDA72E-991D-4451-9C8E-E738F4D12728",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DCFA856-8E59-4E79-8B42-103FACA64CC8",
              "versionEndIncluding": "11.5.8",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B514CBE-2906-4F1A-9A6A-F1CE46F4B1C3",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D00EED-F95D-4458-BDC4-3390DE85348B",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D91EC11-DD9A-434B-9EB4-14AA0E977D8D",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "292EC144-CBA2-4275-9F70-4ED65A505B39",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61D9F220-3F5C-4B65-8A79-DE52D3E49DED",
              "versionEndIncluding": "11.5.8",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C277B22C-B578-4B28-8698-0C8503CA6B23",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A11E433-943D-4D92-B45E-3FA268094278",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96AA67E0-3471-4699-87A7-E47DD8E313B8",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:14.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB76D898-4C7C-40E9-8539-E2A1BC7A5A66",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D5C853A-0A02-4AA9-B819-88FFD070ED48",
              "versionEndIncluding": "11.5.8",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE9BAC77-AE7B-4E2B-A0B4-C9DBF627DF66",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4C3D6F5-D94D-46A3-991C-A11275B59F8E",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6114B091-1612-4EA2-81D4-2E5455A345F7",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "86D68F26-EF89-4016-BD3A-637951752AAA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE98010B-7588-4A1C-89FE-72CA9B73C57A",
              "versionEndIncluding": "11.5.8",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDE9713-5E26-4B55-A4BA-C4239146C4AA",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57CCB85A-6F90-4DB7-B0F8-AE5250E1DCFE",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F60067-2623-42F9-8B4F-C24F3268DDB9",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADAD6E9A-F8B5-4B2D-B687-AEAB518B8F19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9927CE2-18D5-49D7-8331-8C97BC4CC87B",
              "versionEndIncluding": "11.5.8",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35D39173-BC06-409F-805F-50874376F148",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60189636-02D6-44CA-BE2A-7777E3C409CD",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68E2840B-96F4-4437-91D1-4AFE99E54D6A",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:14.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23E592A7-B530-4932-A81D-D1B9ABD64047",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35A6B27-EC09-42BD-992A-C47A23A7B7F9",
              "versionEndIncluding": "11.5.8",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70FDA39F-9038-4E1F-8DF3-585565AEFD75",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CD4DFE3-9071-4808-AE24-2CCA5DB5BA80",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B83479FA-82FB-4F71-9B98-E683745DB49E",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E734E1C-A92F-4394-8F33-4429161BE47C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DD20DA-0199-4D86-BBCB-012C25BB03E1",
              "versionEndIncluding": "11.5.8",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C3D1516-3B4B-4A9A-AF2A-727C256C3902",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AD75094-3248-4D37-969E-75272F6F31D6",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15F4D416-10F4-4C08-A25D-0795F7FE0FBE",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CF10213-FBE4-47A5-8EF2-B45BF15BEB6D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA17099-6682-4033-840D-D45157038F01",
              "versionEndIncluding": "11.5.8",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAEDD121-4CFD-434E-8CED-890AECFA32F6",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1160D8C7-32E7-4837-AF7B-6F056255B5A2",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19BEAC24-16B7-4841-818D-4ECD290F7579",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:f5:big-ip_protocol_security_manager:14.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCE3B2B0-66AA-4D12-B50E-8A3525AD74F0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5FE59B4-25A2-4EA0-94E4-22FD07AC8C5A",
              "versionEndIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "52670F46-9438-430A-9D16-1F10655AB7BD",
              "versionEndIncluding": "11.5.8",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E190B2BE-BE2F-41C9-885E-6E0951498EC7",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FE1518D-8F83-47E9-B183-A998FA8B7CE2",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6944128-3A30-4835-A125-3EA7571D7DC0",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F13AAF2-2AD5-4121-8ABB-919835A46BD6",
              "versionEndIncluding": "11.5.8",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6893786-8F81-49B3-B66C-910E225029EC",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79344F94-2CB8-4F08-9373-61614A38476C",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42D16634-442B-4674-B11E-6748D28764BD",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:14.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "622C877B-760A-4C50-9FDF-998C010B864E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF2A5505-3830-44DE-AE62-DED706A2926B",
              "versionEndIncluding": "11.5.8",
              "versionStartIncluding": "11.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3B161B7-21B7-4709-94D1-FBAF196C47A0",
              "versionEndIncluding": "11.6.3",
              "versionStartIncluding": "11.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "397AC4A5-B67C-483B-84F7-8CB294BB460C",
              "versionEndIncluding": "12.1.3",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E697E4FD-1882-4BF8-9B9F-FB7DFD19497B",
              "versionEndIncluding": "13.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:14.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80509490-50DA-42F8-8A4A-A6F6B95649BA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge."
    },
    {
      "lang": "es",
      "value": "En BIG-IP, en versiones 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1 y 14.0.0-14.0.0.2, en determinadas circunstancias, los sistemas de hardware con un puente de velocidad alta que utilizan configuraciones de reenv\u00edo de la capa 2 no establecidas por defecto podr\u00edan experimentar el bloqueo de dicho puente."
    }
  ],
  "id": "CVE-2019-6604",
  "lastModified": "2024-11-21T04:46:47.310",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-03-28T21:29:00.663",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K26455071"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K26455071"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2015-09-18 14:59
Modified
2024-11-21 02:31
Severity ?
Summary
The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.3.0 through 11.5.2 and 11.6.0 through 11.6.0 HF4, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 through 11.3.0, and BIG-IP PSM 11.2.1 through 11.4.1 allows remote attackers to cause a denial of service (Traffic Management Microkernel restart) via a fragmented packet.
References
cve@mitre.orghttp://www.securitytracker.com/id/1033578
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/17000/100/sol17155.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033578
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/17000/100/sol17155.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_analytics 11.3.0
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.6.0
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_edge_gateway 11.3.0
f5 big-ip_global_traffic_manager 11.3.0
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_link_controller 11.3.0
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.6.0
f5 big-ip_local_traffic_manager 11.3.0
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_protocol_security_module 11.2.1
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_protocol_security_module 11.4.1
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.3.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA54B88F-4A16-4F40-8A3B-B107F0CA2334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE665CF-A633-474E-9519-D20E3D3958CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.3.0 through 11.5.2 and 11.6.0 through 11.6.0 HF4, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 through 11.3.0, and BIG-IP PSM 11.2.1 through 11.4.1 allows remote attackers to cause a denial of service (Traffic Management Microkernel restart) via a fragmented packet."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad en el servidor virtual FastL4 en F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller y PEM 11.3.0 hasta la versi\u00f3n 11.5.2 y 11.6.0 hasta la versi\u00f3n 11.6.0 HF4, BIG-IP Edge Gateway, WebAccelerator y WOM 11.2.1 hasta la versi\u00f3n 11.3.0 y BIG-IP PSM 11.2.1 hasta la versi\u00f3n 11.4.1, permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio del Traffic Management Microkernel) a trav\u00e9s de un paquete fragmentado."
    }
  ],
  "id": "CVE-2015-4638",
  "lastModified": "2024-11-21T02:31:27.213",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-09-18T14:59:00.097",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1033578"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/17000/100/sol17155.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1033578"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/17000/100/sol17155.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2016-04-13 16:59
Modified
2024-11-21 02:47
Severity ?
7.4 (High) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
Summary
F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, and 11.6.0 before build 6.204.442; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 build 685-HF10; BIG-IQ Cloud, Device, and Security 4.2.0 through 4.5.0; and BIG-IQ ADC 4.5.0 do not properly regenerate certificates and keys when deploying cloud images in Amazon Web Services (AWS), Azure or Verizon cloud services environments, which allows attackers to obtain sensitive information or cause a denial of service (disruption) by leveraging a target instance configuration.
References
cve@mitre.orghttp://www.securitytracker.com/id/1035520
cve@mitre.orghttps://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1035520
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.htmlVendor Advisory
Impacted products
Vendor Product Version
f5 big-iq_security 4.2.0
f5 big-iq_security 4.3.0
f5 big-iq_security 4.4.0
f5 big-iq_security 4.5.0
f5 big-ip_webaccelerator 11.3.0
f5 big-ip_application_security_manager 11.3.0
f5 big-ip_application_security_manager 11.4.0
f5 big-ip_application_security_manager 11.4.1
f5 big-ip_application_security_manager 11.5.0
f5 big-ip_application_security_manager 11.5.1
f5 big-ip_application_security_manager 11.5.2
f5 big-ip_application_security_manager 11.5.3
f5 big-ip_application_security_manager 11.5.4
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_security_manager 12.0.0
f5 big-ip_access_policy_manager 11.3.0
f5 big-ip_access_policy_manager 11.4.0
f5 big-ip_access_policy_manager 11.4.1
f5 big-ip_access_policy_manager 11.5.0
f5 big-ip_access_policy_manager 11.5.1
f5 big-ip_access_policy_manager 11.5.2
f5 big-ip_access_policy_manager 11.5.3
f5 big-ip_access_policy_manager 11.5.4
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_policy_enforcement_manager 11.4.0
f5 big-ip_policy_enforcement_manager 11.4.1
f5 big-ip_policy_enforcement_manager 11.5.0
f5 big-ip_policy_enforcement_manager 11.5.1
f5 big-ip_policy_enforcement_manager 11.5.2
f5 big-ip_policy_enforcement_manager 11.5.3
f5 big-ip_policy_enforcement_manager 11.5.4
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_policy_enforcement_manager 12.0.0
f5 big-iq_cloud 4.2.0
f5 big-iq_cloud 4.3.0
f5 big-iq_cloud 4.4.0
f5 big-iq_cloud 4.5.0
f5 big-iq_application_delivery_controller 4.5.0
f5 big-ip_global_traffic_manager 11.3.0
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.5.4
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 11.3.0
f5 big-ip_local_traffic_manager 11.4.0
f5 big-ip_local_traffic_manager 11.4.1
f5 big-ip_local_traffic_manager 11.5.0
f5 big-ip_local_traffic_manager 11.5.1
f5 big-ip_local_traffic_manager 11.5.2
f5 big-ip_local_traffic_manager 11.5.3
f5 big-ip_local_traffic_manager 11.5.4
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 12.0.0
f5 big-iq_device 4.2.0
f5 big-iq_device 4.3.0
f5 big-iq_device 4.4.0
f5 big-iq_device 4.5.0
f5 big-ip_edge_gateway 11.3.0
f5 big-ip_application_acceleration_manager 11.4.1
f5 big-ip_application_acceleration_manager 11.5.0
f5 big-ip_application_acceleration_manager 11.5.1
f5 big-ip_application_acceleration_manager 11.5.2
f5 big-ip_application_acceleration_manager 11.5.3
f5 big-ip_application_acceleration_manager 11.5.4
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_wan_optimization_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_advanced_firewall_manager 11.4.0
f5 big-ip_advanced_firewall_manager 11.4.1
f5 big-ip_advanced_firewall_manager 11.5.0
f5 big-ip_advanced_firewall_manager 11.5.1
f5 big-ip_advanced_firewall_manager 11.5.2
f5 big-ip_advanced_firewall_manager 11.5.3
f5 big-ip_advanced_firewall_manager 11.5.4
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_link_controller 11.3.0
f5 big-ip_link_controller 11.4.0
f5 big-ip_link_controller 11.4.1
f5 big-ip_link_controller 11.5.0
f5 big-ip_link_controller 11.5.1
f5 big-ip_link_controller 11.5.2
f5 big-ip_link_controller 11.5.3
f5 big-ip_link_controller 11.5.4
f5 big-ip_link_controller 11.6.0
f5 big-ip_link_controller 12.0.0
f5 big-ip_protocol_security_module 11.3.0
f5 big-ip_protocol_security_module 11.4.0
f5 big-ip_analytics 11.3.0
f5 big-ip_analytics 11.4.0
f5 big-ip_analytics 11.4.1
f5 big-ip_analytics 11.5.0
f5 big-ip_analytics 11.5.1
f5 big-ip_analytics 11.5.2
f5 big-ip_analytics 11.5.3
f5 big-ip_analytics 11.5.4
f5 big-ip_analytics 11.6.0
f5 big-ip_analytics 12.0.0
f5 big-ip_domain_name_system 12.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "283BF2C8-BED6-4FB5-91C0-E53F338F3AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98BEE39-FD68-49FC-A2A2-8926FFA4BF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0003813A-C1A8-4ED1-A04C-7AE961E7FA22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC1A702-0CCB-48F9-A42E-D8C756DD9D76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "200A9CE9-E56D-4EFA-AC8A-954F945DDDBB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC69B41E-C22D-48D2-8609-60C018F1F48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270EEBF6-46FA-48FC-BEC9-9C0838A86BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93310708-E1FE-445A-BB1F-7D1F553AEC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF47456-CCA0-4817-9AEF-631DC152174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5F9107-549C-40EF-B355-C7E93A979CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1A1C200-30B2-4B38-BC74-D11E54530A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5127-5314-4026-905D-937B7B62473F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E42DAA-700D-487C-9238-F7F3D75A8C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE13DA9F-8460-430E-B939-BF17A7D37A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A04EB1-0C2C-4FC0-9E4D-05AFE65503D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF93E82F-D38C-4D4D-99EB-E334EE163C4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3471D34-A76C-498A-8C45-1553A579A88B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A49B1D82-3EC2-4E20-8FF5-58248905E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "624EFAEB-15C2-422F-BAD1-D0BC37878349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C1525D-46DE-4362-BBAD-095BBF718990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "259C05BB-6349-4005-9372-21623DC5002D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA4FC82-F8FB-4F11-94DA-12D280A18E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB5D327F-4233-45CE-A557-F7BA717AF057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5F378-E93E-45F6-A445-F2DAB5C423F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9538F63-3DC9-42CC-87D5-3CA048AE52A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96673865-3D37-4562-831E-3ACE9DFB471E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E288D50B-7EFA-4FC8-938B-EE3765FFA24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D94751C-A340-4DE7-821A-5143FA0011E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0141FA-44E9-460E-B175-29A7FA251301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD27EF7-3329-4009-959F-D2E4D5935E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4CB61D3-DF59-4EE0-A0F0-5899850496B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF646EF0-56C8-492E-A78D-B00ECAA8D851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D42B922-A5F7-41FC-A361-BA0E065B5B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C28542-51A4-4464-ADF9-C6376F829F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "584853F9-644F-40B2-A28F-1CE9B51F84F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CD200C-1D14-471F-93C1-027CC676C26C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1850CE-D20D-4677-8CF2-1DB3A4EB33F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70B1E2-0B3D-4DE9-8ED9-777F73D0B750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D226F1-6513-4233-BE20-58D7AB24978F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33B2082-E040-4799-A260-BA687ED8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A85766A4-2181-4719-ADCF-4FEA0031DB80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E93EE3-DB73-468E-87CA-4D277F283648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB01A61-1924-417F-8A75-9FDF8F14F754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, and 11.6.0 before build 6.204.442; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 build 685-HF10; BIG-IQ Cloud, Device, and Security 4.2.0 through 4.5.0; and BIG-IQ ADC 4.5.0 do not properly regenerate certificates and keys when deploying cloud images in Amazon Web Services (AWS), Azure or Verizon cloud services environments, which allows attackers to obtain sensitive information or cause a denial of service (disruption) by leveraging a target instance configuration."
    },
    {
      "lang": "es",
      "value": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Lenk Controller y PEM 11.3.x, 11.4.x en versiones anteriores a 11.4.1 build 685-HF10, 11.5.1 en versiones anteriores a build 10.104.180, 11.5.2 en versiones anteriores a 11.5.4 build 0.1.256, 11.6.0 en versiones anteriores a build 6.204.442 y 12.0.0 en versiones anteriores a build 1.14.628; BIG-IP AAM 11.4.x en versiones anteriores a 11.4.1 build 685-HF10, 11.5.1 en versiones anteriores a build 10.104.180, 11.5.2 en versiones anteriores a 11.5.4 build 0.1.256, 11.6.0 en versiones anteriores a build 6.204.442 y 12.0.0 en versiones anteriores a build 1.14.628; BIG-IP DNS 12.0.0 en versiones anteriores a build 1.14.628; BIG-IP Edge Gateway, WebAccelerator y WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x en versiones anteriores a 11.4.1 build 685-HF10, 11.5.1 en versiones anteriores a build 10.104.180, 11.5.2 en versiones anteriores a 11.5.4 build 0.1.256 y 11.6.0 en versiones anteriores a build 6.204.442; BIG-IP PSM 11.3.x y 11.4.x en versiones anteriores a 11.4.1 build 685-HF10; BIG-IQ Cloud, Device y Security 4.2.0 hasta la versi\u00f3n 4.5.0 y BIG-IQ ADC 4.5.0 no regenera correctamente certificados y claves cuando despliega im\u00e1genes en la nube en Amazon Web Services (AWS), Azure o entornos de servicios en al nube de Verizon, lo que permite a atacantes obtener informaci\u00f3n sensible o provocar una denegaci\u00f3n de servicio (interrupci\u00f3n) aprovechando una configuraci\u00f3n de instancia de objetivo."
    }
  ],
  "id": "CVE-2016-2084",
  "lastModified": "2024-11-21T02:47:46.577",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-04-13T16:59:10.160",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1035520"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035520"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2014-03-11 13:01
Modified
2024-11-21 02:01
Severity ?
Summary
The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk.
References
secalert@redhat.comhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2014-0328.htmlThird Party Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2014-0419.htmlThird Party Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2014-0432.htmlThird Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/59216Third Party Advisory
secalert@redhat.comhttp://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.htmlThird Party Advisory
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2014/03/04/6Mailing List, Patch, Third Party Advisory
secalert@redhat.comhttp://www.securityfocus.com/bid/65943Third Party Advisory, VDB Entry
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2173-1Third Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2174-1Third Party Advisory
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=1070705Issue Tracking, Patch, Third Party Advisory
secalert@redhat.comhttps://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-0328.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-0419.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-0432.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59216Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2014/03/04/6Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/65943Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2173-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2174-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=1070705Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729Patch, Third Party Advisory
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_eus 6.3
redhat enterprise_linux_eus 6.4
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server_aus 6.4
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_server_tus 6.5
redhat enterprise_linux_workstation 6.0
canonical ubuntu_linux 10.04
f5 big-ip_access_policy_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_analytics *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_security_manager *
f5 big-ip_edge_gateway *
f5 big-ip_enterprise_manager *
f5 big-ip_enterprise_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_local_traffic_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_protocol_security_module *
f5 big-ip_wan_optimization_manager *
f5 big-ip_webaccelerator *
f5 big-iq_adc 4.5.0
f5 big-iq_centralized_management 4.6.0
f5 big-iq_cloud *
f5 big-iq_device *
f5 big-iq_security *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0E9005C-26CB-4056-8F6B-98C7FDF2F7B9",
              "versionEndExcluding": "3.2.56",
              "versionStartIncluding": "2.6.24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2869AF87-7E94-4E08-8EF9-8C62F663EC82",
              "versionEndExcluding": "3.4.84",
              "versionStartIncluding": "3.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67836467-8BEF-44A1-B031-98EFBA19F38C",
              "versionEndExcluding": "3.10.34",
              "versionStartIncluding": "3.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AE2B033-586E-48AC-95DC-880018601DFC",
              "versionEndExcluding": "3.12.15",
              "versionStartIncluding": "3.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B13865A2-6E9A-4FFE-A1C2-02B75D66C207",
              "versionEndExcluding": "3.13.7",
              "versionStartIncluding": "3.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8382A145-CDD9-437E-9DE7-A349956778B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F876CB01-E4E3-461B-BF67-F993D3C058B9",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF513AF7-A3D9-46E0-BDCF-A4C9F6DDE83E",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0D2EAFC-436A-4553-B688-268EF5610499",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D62DE9-6693-474F-A2F4-9F53A06F5663",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA78FF31-4D4A-402D-9C3C-61DC9B14A790",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FF30167-0241-4136-82F8-2D2FB545C19A",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "980317BB-165F-4804-926E-9973BC16E28A",
              "versionEndIncluding": "2.3.0",
              "versionStartIncluding": "2.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23AEA33F-71CC-473F-86A4-C120532928DE",
              "versionEndIncluding": "3.1.1",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEE25317-09BF-46D2-934B-2D05B1390EFA",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2CBEB8A-617C-470F-BF49-10BE16FBFA97",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C8165D3-9160-4947-B1DF-226698B39E90",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A63021EE-71D7-4CB3-AEDD-90A890FD5959",
              "versionEndIncluding": "11.5.3",
              "versionStartIncluding": "11.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C666A18-9DED-4B49-92DE-474403FC17BF",
              "versionEndIncluding": "11.4.1",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6B52D60-38DB-4BE9-91F4-B6553F5E5A93",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1E3204F-9464-4AC3-819B-D1A6B399FAE3",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9768142-C554-44DE-B8D5-45CB51E3C34C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498",
              "versionEndIncluding": "4.5.0",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n sctp_sf_do_5_1D_ce en net/sctp/sm_statefuns.c en el kernel de Linux hasta la versi\u00f3n 3.13.6 no valida ciertos campos auth_enable y auth_capable antes de hacer una llamada sctp_sf_authenticate, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (referencia a puntero NULL y ca\u00edda del sistema) a trav\u00e9s de un SCTP handshake con un fragmento INIT modificado y un fragmento AUTH manipulado anterior a un fragmento COOKIE_ECHO."
    }
  ],
  "id": "CVE-2014-0101",
  "lastModified": "2024-11-21T02:01:22.173",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-03-11T13:01:06.733",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0419.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0432.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59216"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/03/04/6"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/65943"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2173-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2174-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0419.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0432.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/59216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2014/03/04/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/65943"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2173-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2174-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2012-10-17 00:55
Modified
2024-11-21 01:40
Severity ?
Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
References
secalert_us@oracle.comhttp://rhn.redhat.com/errata/RHSA-2012-1462.htmlThird Party Advisory
secalert_us@oracle.comhttp://secunia.com/advisories/51177Not Applicable
secalert_us@oracle.comhttp://secunia.com/advisories/51309Not Applicable
secalert_us@oracle.comhttp://secunia.com/advisories/53372Not Applicable
secalert_us@oracle.comhttp://secunia.com/advisories/56509Not Applicable
secalert_us@oracle.comhttp://secunia.com/advisories/56513Not Applicable
secalert_us@oracle.comhttp://security.gentoo.org/glsa/glsa-201308-06.xmlThird Party Advisory
secalert_us@oracle.comhttp://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.htmlThird Party Advisory
secalert_us@oracle.comhttp://www.debian.org/security/2012/dsa-2581Third Party Advisory
secalert_us@oracle.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2013:150Third Party Advisory
secalert_us@oracle.comhttp://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.htmlPatch, Third Party Advisory
secalert_us@oracle.comhttp://www.ubuntu.com/usn/USN-1621-1Third Party Advisory
secalert_us@oracle.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/79381Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2012-1462.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/51177Not Applicable
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/51309Not Applicable
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/53372Not Applicable
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/56509Not Applicable
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/56513Not Applicable
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201308-06.xmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2012/dsa-2581Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2013:150Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1621-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/79381Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
oracle mysql *
oracle mysql *
mariadb mariadb *
mariadb mariadb *
canonical ubuntu_linux 10.04
canonical ubuntu_linux 11.10
canonical ubuntu_linux 12.04
canonical ubuntu_linux 12.10
debian debian_linux 6.0
debian debian_linux 7.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_eus 6.3
redhat enterprise_linux_server 6.0
redhat enterprise_linux_workstation 6.0
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_advanced_firewall_manager 11.3.0
f5 big-ip_analytics *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_enterprise_manager *
f5 big-ip_enterprise_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_policy_enforcement_manager 11.3.0
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_wan_optimization_manager *
f5 big-ip_wan_optimization_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B4BD2E2-983F-4926-96FE-E8FE886CD963",
              "versionEndIncluding": "5.1.64",
              "versionStartIncluding": "5.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "55230A9A-73B6-4D31-9928-AA151F782D48",
              "versionEndIncluding": "5.5.26",
              "versionStartIncluding": "5.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EC9DD53-AC79-4568-8AEE-677FD075470E",
              "versionEndExcluding": "5.1.66",
              "versionStartIncluding": "5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "56C968B2-7A65-4BE6-881D-F6248189EA32",
              "versionEndExcluding": "5.5.27",
              "versionStartIncluding": "5.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8382A145-CDD9-437E-9DE7-A349956778B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "384E40E2-6A1E-41EE-9075-C3D4E4C9DF3D",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7507BDFF-5B52-4A06-9F8C-2B6F3958162A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA3E5454-D0E6-4BF9-B95F-A43ECE1A4C66",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD998E02-0896-4970-8BF7-2D2A3EF3FD7B",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8942D9D-8E3A-4876-8E93-ED8D201FF546",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35C66CD9-BCF0-44C0-AD9B-85D95FC6FF1E",
              "versionEndIncluding": "2.3.0",
              "versionStartIncluding": "2.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23AEA33F-71CC-473F-86A4-C120532928DE",
              "versionEndIncluding": "3.1.1",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC253328-767A-4DC9-85FB-E8E5666B916B",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "64C91648-A64F-4D8A-9F60-DEE6CA181A87",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E675191C-CA97-4F56-949A-DF2180C2C9F0",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA52816-C4B7-4B1E-A950-EE9B571CB06B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A97C7ACA-7D67-49C1-BA1E-256CD9E337D8",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BC025A-D45E-45FB-A4E4-1C89320B5BBE",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C75978B-566B-4353-8716-099CB8790EE0",
              "versionEndIncluding": "11.3.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.64 y anteriores, y v5.5.26 y anteriores, permite a usuarios remotos autenticados a afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Information Schema."
    }
  ],
  "id": "CVE-2012-3163",
  "lastModified": "2024-11-21T01:40:20.007",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-10-17T00:55:01.227",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1462.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/51177"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/51309"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/53372"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/56509"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/56513"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2012/dsa-2581"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1621-1"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79381"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1462.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/51177"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/51309"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/53372"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/56509"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/56513"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2012/dsa-2581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1621-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79381"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-10-31 14:29
Modified
2024-11-21 03:50
Severity ?
7.2 (High) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1 or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.
References
f5sirt@f5.comhttps://support.f5.com/csp/article/K20222812Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K20222812Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_protocol_security_module *
f5 big-ip_protocol_security_module *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 enterprise_manager 3.1.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B189FA9C-D989-460B-85AC-FD39F8E0259E",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3A526B1-EB66-497F-B8B5-45205781B323",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A53D2261-716A-46D4-B1A4-1C1D84F6AF94",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9032E773-CAB2-4108-A86B-04A8383663BE",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11719D56-D88C-4970-B89E-376D6883857B",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51218200-4536-4ED9-AA9A-301E2B30B829",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93B1A472-EA29-4D4E-A27E-F40B0457DE39",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "224F2348-19DC-4242-8A1E-5F5BDCB86B9C",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E55CC546-E22D-4DD3-B0A6-9C4BC65E0951",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E021297A-FD19-446B-B526-7516503B6D24",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE41473-F2DF-4FA8-B208-2A546DE49CA2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC852AA9-7C30-44D8-A964-07DF817A4FF2",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "734B216E-67CD-44B3-AA47-2D86BF2D68CF",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D11EBE7-741F-4585-962F-99EAA29C1F0E",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "018D35E1-B5D0-456E-9348-79E6CD0560E2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F6C963-A1BF-4579-9345-D0207269577A",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C762BE7-29D5-47B2-B3A3-8AD9646417B6",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6B989A-BA55-47F5-8269-D9FA435ECC29",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CFDA5A2-FDB6-4F7A-ADC1-A1016639FCDC",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F534EADF-DA49-4EDD-97F8-C4046E890D8B",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6010CA3B-B5AB-4C6B-93A9-A148207224B2",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0233F1B-2DDB-4B01-A549-E76C18BBC3F1",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0A2FCB-564D-4530-B642-624B6A4F1A22",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DBE74F-6E43-448F-9479-8FD75D5DCC22",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A5F5C3E-C71C-4FBF-A2F4-68CEC90097DA",
              "versionEndIncluding": "13.1.1.1",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6ADE585-616C-4B40-A40C-EE97A8FAC653",
              "versionEndIncluding": "14.0.0.2",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1 or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced."
    },
    {
      "lang": "es",
      "value": "En BIG-IP14.0.0-14.0.0.2 o 13.0.0-13.1.1.1, o Enterprise Manager 3.1.1, cuando los usuarios administrativos autenticados ejecutan comandos en el TMUI (Traffic Management User Interface), tambi\u00e9n llamado utilidad BIG-IP Configuration, podr\u00edan no aplicarse las restricciones sobre los comandos permitidos."
    }
  ],
  "id": "CVE-2018-15327",
  "lastModified": "2024-11-21T03:50:34.270",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-31T14:29:00.767",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K20222812"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K20222812"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-862"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}