Day: 29 abril, 2021

BIG-IP APM ACL bypass vulnerability CVE-2021-23016 Security Advisory Security Advisory Description An attacker may be able to bypass APMs internal restrictions and retrieve static content that is ... More info: https://support.f5.com/csp/article/K75540265?utm_source=f5support&utm_medium=RSS

BIG-IP APM ACL Bypass Vulnerability CVE-2021-23016 Security Advisory Security Advisory Description An attacker may be able to bypass APMs internal restrictions and retrieve static content that is ... More info: https://support.f5.com/csp/article/K75540265?utm_source=f5support&utm_medium=RSS

Overview of F5 vulnerabilities (April 2021) Security Advisory Security Advisory Description On April 28th, 2021, F5 announced the following security issues. This document is intended to serve as ... More info: https://support.f5.com/csp/article/K96639388?utm_source=f5support&utm_medium=RSS

Python Pillow vulnerabilities CVE-2020-5312 and CVE-2020-5313 Security Advisory Security Advisory Description CVE-2020-5312 libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer ... More info: https://support.f5.com/csp/article/K16213320?utm_source=f5support&utm_medium=RSS

Resource Administrator or Administrator role authenticated local command execution vulnerability CVE-2021-23012 Security Advisory Security Advisory Description Lack of input validation for items ... More info: https://support.f5.com/csp/article/K04234247?utm_source=f5support&utm_medium=RSS

TMM vulnerability CVE-2021-23011 Security Advisory Security Advisory Description When the BIG-IP system is buffering packet fragments for reassembly, the Traffic Management Microkernel (TMM) may ... More info: https://support.f5.com/csp/article/K10751325?utm_source=f5support&utm_medium=RSS

BIG-IP Advanced WAF and ASM Brute Force Protection feature may not properly support the Post-Redirect-Get application flow Security Advisory Security Advisory Description The Advanced WAF and BIG- ... More info: https://support.f5.com/csp/article/K91414704?utm_source=f5support&utm_medium=RSS

BIG-IP Advanced WAF and ASM REST API vulnerability CVE-2021-23014 Security Advisory Security Advisory Description BIG-IP Advanced WAF and ASM are missing authorization checks for file uploads to a ... More info: https://support.f5.com/csp/article/K23203045?utm_source=f5support&utm_medium=RSS

BIG-IP APM AD authentication vulnerability CVE-2021-23008 Security Advisory Security Advisory Description BIG-IP APM AD (Active Directory) authentication can be bypassed using a spoofed AS-REP ( ... More info: https://support.f5.com/csp/article/K51213246?utm_source=f5support&utm_medium=RSS

BIG-IP ASM and Advanced WAF WebSocket vulnerability CVE-2021-23010 Security Advisory Security Advisory Description When the BIG-IP ASM/Advanced WAF system processes WebSocket requests with JSON ... More info: https://support.f5.com/csp/article/K18570111?utm_source=f5support&utm_medium=RSS