漏洞标题
N/A
漏洞描述信息
"F5 BIG-IP LTM、APM、ASM和Link Controller 10.2.1 through 10.2.4、11.2.1、11.4.x、11.5.x Before 11.5.4 HF2、11.6.x Before 11.6.1和12.0.0 Before HF3的RESOLV::lookup iRule命令; BIG-IP AAM、AFM和PEM 11.4.x、11.5.x Before 11.5.4 HF2、11.6.x Before 11.6.1和12.0.0 Before HF3; BIG-IP Analytics 11.2.1、11.4.x、11.5.x Before 11.5.4 HF2、11.6.x Before 11.6.1和12.0.0 Before HF3; BIG-IP DNS 12.0.0 Before HF3; BIG-IP Edge Gateway、WebAccelerator和 WOM 10.2.1 through 10.2.4和11.2.1; BIG-IP GTM 10.2.1 through 10.2.4、11.2.1、11.4.x、11.5.x Before 11.5.4 HF2、11.6.x Before 11.6.1; and BIG-IP PSM 10.2.1 through 10.2.4和11.4.0 through 11.4.1允许远程DNS服务器通过编写的PTR响应来拒绝服务(CPU使用或流量管理微内核崩溃)。"
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP Analytics 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP DNS 12.0.0 before HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 10.2.1 through 10.2.4 and 11.2.1; BIG-IP GTM 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 10.2.1 through 10.2.4 and 11.4.0 through 11.4.1 allows remote DNS servers to cause a denial of service (CPU consumption or Traffic Management Microkernel crash) via a crafted PTR response.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
多款F5产品拒绝服务漏洞
漏洞描述信息
F5 BIG-IP Analytics等都是美国F5公司的产品。F5 BIG-IP Analytics是一套Web应用程序性能分析软件。APM是一套提供安全统一访问关键业务应用和网络的解决方案。LTM是一款本地流量管理器。 多款F5产品中的RESOLV::lookup iRule命令存在拒绝服务漏洞。远程DNS服务端的攻击者可借助特制的PTR响应利用该漏洞造成拒绝服务(CPU消耗或Traffic Management Microkernel崩溃)。以下产品和版本受到影响:F5 BIG-IP LTM,APM
CVSS信息
N/A
漏洞类别
资源管理错误