The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2023-43746 | When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | -- | Oct 10, 2023 |
| CVE-2023-41253 | When on BIG-IP DNS or BIG-IP LTM enabled with DNS Services License, and a TSIG key is created, it is logged in plaintext in the audit log. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | -- | Oct 10, 2023 |
| CVE-2024-24989 | When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3 https://nginx.org/en/docs/quic.html . NOTE: Software versions which have reached End of Technical Support (EoTS) are not evaluated | -- | Feb 14, 2024 |
| CVE-2024-24990 | When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3 https://nginx.org/en/docs/quic.html . Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | -- | Feb 14, 2024 |
| CVE-2024-24966 | When LDAP remote authentication is configured on F5OS, a remote user without an assigned role will be incorrectly authorized. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | -- | Feb 14, 2024 |
| CVE-2023-41085 | When IPSec is configured on a Virtual Server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | -- | Oct 10, 2023 |
| CVE-2023-28742 | When DNS is provisioned, an authenticated remote command execution vulnerability exists in DNS iQuery mesh. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | -- | May 3, 2023 |
| CVE-2023-39447 | When BIG-IP APM Guided Configurations are configured, undisclosed sensitive information may be logged in restnoded log. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | -- | Oct 10, 2023 |
| CVE-2024-25560 | When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | -- | May 8, 2024 |
| CVE-2024-21763 | When BIG-IP AFM Device DoS or DoS profile is configured with NXDOMAIN attack vector and bad actor detection, undisclosed queries can cause the Traffic Management Microkernel (TMM) to terminate. NOTE: Software versions which have reached End of Technical Support (EoTS) are not evaluated | -- | Feb 14, 2024 |
| CVE-2023-24594 | When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | -- | May 3, 2023 |
| CVE-2023-42768 | When a non-admin user has been assigned an administrator role via an iControl REST PUT request and later the user\'s role is reverted back to a non-admin role via the Configuration utility, tmsh, or iControl REST. BIG-IP non-admin user can still have access to iControl REST admin resource. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | -- | Oct 10, 2023 |
| CVE-2024-23308 | When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based Content Profile for an Allowed URL with Apply value and content signatures and detect threat campaigns. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | -- | Feb 14, 2024 |
| CVE-2022-36787 | webvendome - webvendome SQL Injection. SQL Injection in the Parameter DocNumber Request : Get Request : /webvendome/showfiles.aspx?jobnumber=nullDoc Number=HERE. | -- | Nov 18, 2022 |
| CVE-2022-39178 | Webvendome - webvendome Internal Server IP Disclosure. Send GET Request to the request which is shown in the picture. Internal Server IP and Full path disclosure. | -- | Nov 18, 2022 |
| CVE-2023-37240 | Vulnerability of missing input length verification in the distributed file system. Successful exploitation of this vulnerability may cause out-of-bounds read. | -- | Jul 6, 2023 |
| CVE-2023-44107 | Vulnerability of defects introduced in the design process in the screen projection module.Successful exploitation of this vulnerability may affect service availability and integrity. | -- | Oct 11, 2023 |
| CVE-2023-44096 | Vulnerability of brute-force attacks on the device authentication module.Successful exploitation of this vulnerability may affect service confidentiality. | -- | Oct 11, 2023 |
| CVE-2022-43531 | Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to complete compromise of the ClearPass Policy Manager cluster in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x: 6.10.7 and below and ClearPass Policy Manager 6.9.x: 6.9.12 and below. | -- | Jan 5, 2023 |
| CVE-2023-6096 | Vladimir Kononovich, a Security Researcher has found a flaw that using a inappropriate encryption logic on the DVR. firmware encryption is broken and allows to decrypt. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer\'s report for details and workarounds. | -- | Apr 26, 2024 |
| CVE-2023-6095 | Vladimir Kononovich, a Security Researcher has found a flaw that allows for a remote code execution on the DVR. An attacker could inject malicious HTTP headers into request packets to execute arbitrary code. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer\'s report for details and workarounds. | -- | Apr 26, 2024 |
| CVE-2023-29155 | Versions of INEA ME RTU firmware 3.36b and prior do not require authentication to the root account on the host system of the device. This could allow an attacker to obtain admin-level access to the host system. | -- | Nov 20, 2023 |
| CVE-2023-35762 | Versions of INEA ME RTU firmware 3.36b and prior are vulnerable to operating system (OS) command injection, which could allow remote code execution. | -- | Nov 20, 2023 |
| CVE-2023-32350 | Versions 00.07.00 through 00.07.03 of Teltonika’s RUT router firmware contain an operating system (OS) command injection vulnerability in a Lua service. An attacker could exploit a parameter in the vulnerable function that calls a user-provided package name by instead providing a package with a malicious name that contains an OS command injection payload. | -- | May 22, 2023 |
| CVE-2023-32349 | Version 00.07.03.4 and prior of Teltonika’s RUT router firmware contain a packet dump utility that contains proper validation for filter parameters. However, variables for validation checks are stored in an external configuration file. An authenticated attacker could use an exposed UCI configuration utility to change these variables and enable malicious parameters in the dump utility, which could result in arbitrary code execution. | -- | May 22, 2023 |
| CVE-2021-45036 | Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims\'s username and hashed password to spoof the victim\'s id against the server. | -- | Dec 1, 2022 |
| CVE-2023-43635 | Vault Key Sealed With SHA1 PCRs The measured boot solution implemented in EVE OS leans on a PCR locking mechanism. Different parts of the system update different PCR values in the TPM, resulting in a unique value for each PCR entry. These PCRs are then used in order to seal/unseal a key from the TPM which is used to encrypt/decrypt the “vault” directory. This “vault” directory is the most sensitive point in the system and as such, its content should be protected. This mechanism is noted in Zededa’s documentation as the “measured boot” mechanism, designed to protect said “vault”. The code that’s responsible for generating and fetching the key from the TPM assumes that SHA256 PCRs are used in order to seal/unseal the key, and as such their presence is being checked. The issue here is that the key is not sealed using SHA256 PCRs, but using SHA1 PCRs. This leads to several issues: • Machines that have their SHA256 PCRs enabled but SHA1 PCRs disabled, as well as not sealing their keys at all, meaning the “vault” is not protected from an attacker. • SHA1 is considered insecure and reduces the complexity level required to unseal the key in machines which have their SHA1 PCRs enabled. An attacker can very easily retrieve the contents of the “vault”, which will effectively render the “measured boot” mechanism meaningless. | -- | Sep 20, 2023 |
| CVE-2023-3897 | Username enumeration is possible through Bypassing CAPTCHA in On-premise SureMDM Solution on Windows deployment allows attacker to enumerate local user information via error message. This issue affects SureMDM On-premise: 6.31 and below version | -- | Jul 25, 2023 |
| CVE-2023-0383 | User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1 due to uncontrolled memory consumption. | -- | Apr 20, 2023 |
| CVE-2023-0384 | User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1 due to uncontrolled memory consumption for a scheduled job. | -- | Apr 20, 2023 |
| CVE-2023-21412 | User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections. | -- | Aug 3, 2023 |
| CVE-2023-21410 | User provided input is not sanitized on the AXIS License Plate Verifier specific “api.cgi” allowing for arbitrary code execution. | -- | Aug 3, 2023 |
| CVE-2023-21411 | User provided input is not sanitized in the “Settings > Access Control” configuration interface allowing for arbitrary code execution. | -- | Aug 3, 2023 |
| CVE-2024-3543 | Use of reversible password encryption algorithm allows attackers to decrypt passwords. Sensitive information can be easily unencrypted by the attacker, stolen credentials can be used for arbitrary actions to corrupt the system. | -- | May 2, 2024 |
| CVE-2023-23450 | Use of Password Hash Instead of Password for Authentication in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to use a password hash instead of an actual password to login to a valid user account via the REST interface. | -- | May 15, 2023 |
| CVE-2022-43485 | Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow attacker to manipulate claims in client\'s JWT token. This issue affects OneWireless version 322.1 | -- | May 30, 2023 |
| CVE-2023-39212 | Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated user to enable a denial of service via local access. | -- | Aug 8, 2023 |
| CVE-2023-36536 | Untrusted search path in the installer for Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access. | -- | Jul 11, 2023 |
| CVE-2024-27768 | Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-22: \'Path Traversal\' may allow RCE | -- | Mar 18, 2024 |
| CVE-2024-27772 | Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-78: \'OS Command Injection\' may allow RCE | -- | Mar 18, 2024 |
| CVE-2024-27773 | Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-348: Use of Less Trusted Source may allow RCE | -- | Mar 18, 2024 |
| CVE-2024-27774 | Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password may allow disclosing Sensitive Information Embedded inside Device\'s Firmware | -- | Mar 18, 2024 |
| CVE-2024-27771 | Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-22: \'Path Traversal\' may allow RCE | -- | Mar 18, 2024 |
| CVE-2024-27770 | Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-23: Relative Path Traversal | -- | Mar 18, 2024 |
| CVE-2024-27769 | Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor may allow Taking Ownership Over Devices | -- | Mar 18, 2024 |
| CVE-2024-23805 | Undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. For the Application Visibility and Reporting module, this may occur when the HTTP Analytics profile with URLs enabled under Collected Entities is configured on a virtual server and the DB variables avr.IncludeServerInURI or avr.CollectOnlyHostnameFromURI are enabled. For BIG-IP Advanced WAF and ASM, this may occur when either a DoS or Bot Defense profile is configured on a virtual server and the DB variables avr.IncludeServerInURI or avr.CollectOnlyHostnameFromURI are enabled. Note: The DB variables avr.IncludeServerInURI and avr.CollectOnlyHostnameFromURI are not enabled by default. For more information about the HTTP Analytics profile and the Collect URLs setting, refer to K30875743: Create a new Analytics profile and attach it to your virtual servers https://my.f5.com/manage/s/article/K30875743 . Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | -- | Feb 14, 2024 |
| CVE-2023-5624 | Under certain conditions, Nessus Network Monitor was found to not properly enforce input validation. This could allow an admin user to alter parameters that could potentially allow a blindSQL injection. | -- | Oct 26, 2023 |
| CVE-2023-5622 | Under certain conditions, Nessus Network Monitor could allow a low privileged user to escalate privileges to NT AUTHORITY\\SYSTEM on Windows hosts by replacing a specially crafted file. | -- | Oct 26, 2023 |
| CVE-2024-32761 | Under certain conditions, a potential data leak may occur in the Traffic Management Microkernels (TMMs) of BIG-IP tenants running on VELOS and rSeries platforms. However, this issue cannot be exploited by an attacker because it is not consistently reproducible and is beyond an attacker\'s control. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | -- | May 8, 2024 |
| CVE-2023-5847 | Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts. | -- | Nov 1, 2023 |
