VYPR

BIG-IP Advanced WAF

by F5, Inc.

CVEs (3)

  • CVE-2024-23308HigFeb 14, 2024
    risk 0.49cvss 7.5epss 0.01

    When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based Content…

  • CVE-2020-27718HigDec 24, 2020
    risk 0.49cvss 7.5epss 0.01

    When a BIG-IP ASM or Advanced WAF system running version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, or 11.6.1-11.6.5.2 processes requests with JSON payload, an unusually large number of parameters can cause excessive CPU usage in the…

  • CVE-2020-5946HigNov 5, 2020
    risk 0.49cvss 7.5epss 0.01

    In BIG-IP Advanced WAF and FPS versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, under some circumstances, certain format client-side alerts sent to the BIG-IP virtual server configured with DataSafe may cause the Traffic Management Microkernel (TMM) to restart,…