Day: 3 julio, 2019

BIG-IP HTTP profile vulnerability CVE-2019-6631 Security Advisory Security Advisory Description iRules performing HTTP header manipulation may cause an interruption to service when processing ... More info: https://support.f5.com/csp/article/K19501795

iControl REST vulnerability CVE-2019-6638 Security Advisory Security Advisory Description Malformed http requests made to an undisclosed iControl REST endpoint can lead to infinite loop of the ... More info: https://support.f5.com/csp/article/K67825238

iControl REST and tmsh vulnerability CVE-2019-6621 Security Advisory Security Advisory Description Undisclosed iControl REST worker is vulnerable to command injection by an admin/resource admin user. More info: https://support.f5.com/csp/article/K20541896

IP Intelligence Feed List TMUI vulnerability CVE-2019-6636 Security Advisory Security Advisory Description Stored cross-site scripting vulnerability in AFM feed list. In the worst case, an ... More info: https://support.f5.com/csp/article/K68151373

BIG-IP TMUI vulnerability CVE-2019-6625 Security Advisory Security Advisory Description A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic ... More info: https://support.f5.com/csp/article/K79902360

BIG-IP TMUI XSS vulnerability CVE-2019-6626 Security Advisory Security Advisory Description A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic ... More info: https://support.f5.com/csp/article/K00432398

iControl REST vulnerability CVE-2019-6620 Security Advisory Security Advisory Description Undisclosed iControl REST worker vulnerable to command injection for an Administrator user. (CVE-2019-6620) More info: https://support.f5.com/csp/article/K20445457

cURL vulnerability CVE-2019-5435 Security Advisory Security Advisory Description An integer overflow in curls URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1. (CVE- ... More info: https://support.f5.com/csp/article/K08125515

July 02, 2019 2:00 PM PDT CVE Identifier: CVE-2019-11246 AWS is aware of a security vulnerability (CVE-2019-11246) in the Kubernetes kubectl tool that could allow a malicious container to replace or create files on a users workstation. If a user were to run an untrusted container containing a malicious version of the tar command and execute the kubectl cp operation, the kubectl binary unpacking the tar file could overwrite or create files on a users workstation. AWS customers should refrain More info: https://aws.amazon.com/security/security-bulletins/AWS-2019-006/

iControl REST vulnerability CVE-2019-6641 Security Advisory Security Advisory Description Undisclosed requests can cause iControl REST processes to crash. The attack can only come from an ... More info: https://support.f5.com/csp/article/K22384173