F5: Security Vulnerabilities
Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account. The predictable nature of the password allows an authenticated user with TMSH access to the BIG-IP system, or anyone with physical access to the FIPS HSM, the information required to generate the correct password. On vCMP systems, all Guests share the same deterministic password, allowing those with TMSH access on one Guest to access keys of a different Guest.
The following BIG-IP hardware platforms are affected: 10350v-F, i5820-DF, i7820-DF, i15820-DF, 5250v-F, 7200v-F, 10200v-F, 6900-F, 8900-F, 11000-F, and 11050-F.
The BIG-IP rSeries r5920-DF and r10920-DF are not affected, nor does the issue affect software FIPS implementations or network HSM configurations.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Score
6.0
EPSS Score
0.001
Published
2023-08-02
NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and NGINX API Connectivity Manager.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-05-03
When DNS is provisioned, an authenticated remote command execution vulnerability exists in DNS iQuery mesh.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Score
7.2
EPSS Score
0.024
Published
2023-05-03
When UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Score
7.5
EPSS Score
0.004
Published
2023-05-03
An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ can upload arbitrary files using an undisclosed iControl REST endpoint. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-05-03
An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows and macOS and may allow an attacker to impersonate a BIG-IP APM system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Score
7.4
EPSS Score
0.002
Published
2023-05-03
When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Score
5.3
EPSS Score
0.002
Published
2023-05-03
Multiple reflected cross-site scripting (XSS) vulnerabilities exist in undisclosed pages of the BIG-IP Configuration utility which allow an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Score
7.5
EPSS Score
0.005
Published
2023-05-03
A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility which may allow an authenticated attacker to read files with .xml extension. Access to restricted information is limited and the attacker does not control what information is obtained.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Score
4.3
EPSS Score
0.009
Published
2023-05-03
NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Score
8.1
EPSS Score
0.003
Published
2023-05-03