Day: 4 mayo, 2023

Security Advisory Description NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment.( CVE-2023-28656) Impact This ... More info: https://my.f5.com/manage/s/article/K000133417?utm_source=f5support&utm_medium=RSS

Security Advisory Description When DNS is provisioned, an authenticated remote command execution vulnerability exists in DNS iQuery mesh. (CVE-2023-28742 ) Impact This vulnerability may allow an ... More info: https://my.f5.com/manage/s/article/K000132972?utm_source=f5support&utm_medium=RSS

Security Advisory Description In the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows and Mac OS. (CVE-2023-22372 ) Impact More info: https://my.f5.com/manage/s/article/K000132522?utm_source=f5support&utm_medium=RSS

Security Advisory Description When an SSL profile is configured on a virtual server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. (CVE-2023-24594 ) Impact More info: https://my.f5.com/manage/s/article/K000133132?utm_source=f5support&utm_medium=RSS

A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An attacker could exploit this vulnerability by upgrading an affected device to a crafted version of firmware. A successful exploit could allow the attacker to execute arbitrary code on the affected device with More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-spa-unauth-upgrade-UqhyTWW?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20SPA112%202-Port%20Phone%20Adapters%20Remote%20Command%20Execution%20Vulnerability&vs_k=1

Security Advisory Description When DNS is provisioned, an authenticated remote command execution vulnerability exists in DNS iQuery mesh. (CVE-2023-28742) Impact This vulnerability may allow an ... More info: https://my.f5.com/manage/s/article/K000132972?utm_source=f5support&utm_medium=RSS

Security Advisory Description Multiple reflected cross-site scripting (XSS) vulnerabilities exist in undisclosed pages of the BIG-IP Configuration utility that allow an attacker to run JavaScript ... More info: https://my.f5.com/manage/s/article/K000132726?utm_source=f5support&utm_medium=RSS

Security Advisory Description When an SSL profile is configured on a virtual server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. (CVE-2023-24594) Impact More info: https://my.f5.com/manage/s/article/K000133132?utm_source=f5support&utm_medium=RSS

Security Advisory Description A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that may allow an authenticated attacker to read files with an . ... More info: https://my.f5.com/manage/s/article/K000132768?utm_source=f5support&utm_medium=RSS

Security Advisory Description In the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows and Mac OS. (CVE-2023-22372) Impact More info: https://my.f5.com/manage/s/article/K000132522?utm_source=f5support&utm_medium=RSS