Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider (SP) connector, might allow traffic to be disrupted or failover initiated when a malformed, signed SAML authentication request from an authenticated user is sent via the SP connector.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
F5 BIG-IP APM TMM SSO插件输入验证漏洞
Vulnerability Description
F5 BIG-IP APM是美国F5公司的一套访问和安全解决方案。该解决方案提供统一访问关键业务应用和网络的功能。TMM SSO是其中的一个用于执行流量管理服务进程的单点登录插件。 F5 BIG-IP APM中的TMM SSO插件存在安全漏洞。攻击者可借助畸形且已签名的SAML身份验证请求利用该漏洞临时性的中断流量。以下产品和版本受到影响:F5 BIG-IP APM 12.0.0版本至12.1.1版本;11.6.0版本至11.6.1 HF1版本;11.5.4版本至11.5.4 HF2版本。
CVSS Information
N/A
Vulnerability Type
N/A