Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
On F5 BIG-IP Advanced WAF, ASM, and APM 16.1.x versions prior to 16.1.2.1, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, when ASM or Advanced WAF, as well as APM, are configured on a virtual server, the ASM policy is configured with Session Awareness, and the "Use APM Username and Session ID" option is enabled, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
控制流实现总是不正确
Vulnerability Title
多款F5 BIG-IP产品安全漏洞
Vulnerability Description
F5 BIG-IP APM等都是美国F5公司的产品。F5 BIG-IP APM是一套访问和安全解决方案。F5 BIG-IP ASM是一款Web应用程序防火墙(WAF),F5 Big-Ip Advanced Waf是一款高级 Web 应用程序防火墙。 F5 BIG-IP Advanced WAF、ASM、APM存在安全漏洞,该漏洞源于当在虚拟服务器上配置了 ASM 或 Advanced WAF 或 APM,同时 ASM 策略配置了 Session Awareness,并且启用了 Use APM Userna
CVSS Information
N/A
Vulnerability Type
N/A