VARIoT IoT vulnerabilities database

VAR-201805-0949 CVE-2018-8872 Schneider Electric Triconex Tricon MP model 3008 firmware Buffer error vulnerability CVSS V2: 9.3
CVSS V3: 8.1
Severity: HIGH
In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, system calls read directly from memory addresses within the control program area without any verification. Manipulating this data could allow attacker data to be copied anywhere within memory. The Triconex Tricon 3008 is a network equipment product from Schneider Electric, France. Schneider Electric Triconex Tricon 3008 MP is prone to multiple memory corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code within the context of the affected device. Failed exploit attempts may result in a denial-of-service condition. Triconex Tricon 3008 MP firmware versions 10.0 through 10.4 are vulnerable.
VAR-201804-1573 CVE-2018-8840 InduSoft Web Studio and InTouch Machine Edition 2017 Buffer error vulnerability CVSS V2: 10.0
CVSS V3: 9.8
Severity: CRITICAL
A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event related action such as read and write, which may allow remote code execution. InduSoft Web Studio and InTouch Machine Edition 2017 contain a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Schneider Electric InduSoft Web Studio and InTouch Machine Edition are embedded HMI software packages from Schneider Electric, France. The product provides read, write tag and event monitoring for HMI clients. Multiple Schneider Electric products are prone to a stack-based buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected device. Failed exploit attempts will likely cause a denial-of-service condition.
VAR-201804-0561 CVE-2017-2871 Foscam C1 Indoor HD Camera Authentication vulnerability CVSS V2: 5.8
CVSS V3: 8.8
Severity: HIGH
Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. An attacker who is in the same subnetwork of the camera or has remote administrator access can fully compromise the device by performing a firmware recovery using a custom image. Foscam C1 Indoor HD Camera contains an authentication vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Foscam C1 Indoor HD Camera is a wireless HD IP camera from Foscam, China. A security vulnerability exists in the recovery process used in the Foscam C1 Indoor HD Camera, caused by a program that does not adequately perform security checks.
### Tested Versions
Foscam Indoor IP Camera C1 Series
System Firmware Version: 1.9.3.18
Application Firmware Version: 2.52.2.43
Plug-In Version: 3.3.0.26
### Product URLs
http://www.foscam.com/downloads/index.html
### CVSSv3 Score
9.6 - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
### CWE
CWE-287: Improper Authentication
### Details
Foscam produces a series of IP-capable surveillance devices, network video recorders, and baby monitors for the end-user. Foscam produces a range of cameras for both indoor and outdoor use and with wireless capability. One of these models is the C1 series which contains a web-based user interface for management and is based on..
VAR-201804-1657 CVE-2018-7539 Appear TV XC5000 and XC5100 Path traversal vulnerability in device firmware CVSS V2: 7.8
CVSS V3: 9.8
Severity: CRITICAL
On Appear TV XC5000 and XC5100 devices with firmware 3.26.217, it is possible to read OS files with a specially crafted HTTP request (such as GET /../../../../../../../../../../../../etc/passwd) to the web server (fuzzd/0.1.1) running the Maintenance Center on port TCP/8088. This can lead to full compromise of the device. Appear TV XC5000 and XC5100 device firmware contains a path traversal vulnerability. Information may be acquired or falsified, and a denial of service (DoS) may result. The Appear TV XC5000 and XC5100 are versatile carrier-grade broadcasters from Appear TV, Norway. A security vulnerability exists in Appear TV XC5000 and XC5100 using firmware version 3.26.217.
VAR-201804-1619 CVE-2018-2811 Oracle Java SE In Install Vulnerabilities CVSS V2: 3.7
CVSS V3: 7.7
Severity: HIGH
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Install). Supported versions that are affected are Java SE: 8u162 and 10. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: Applies to installation process on client deployment of Java. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H). Oracle Java SE contains a vulnerability in Install that affects confidentiality, integrity, and availability due to incomplete handling. Information may be obtained or altered by local users, and service operation may be interrupted (DoS). This issue affects the 'Install' component.
Gentoo Linux Security Advisory GLSA 201903-14
https://security.gentoo.org/
Severity: Normal
Title: Oracle JDK/JRE: Multiple vulnerabilities
Date: March 14, 2019
Bugs: #653560, #661456, #676134
ID: 201903-14
Synopsis
========
Multiple vulnerabilities have been found in Oracle's JDK and JRE software suites.
Background
==========
Java Platform, Standard Edition (Java SE) lets you develop and deploy Java applications on desktops and servers, as well as in today's demanding embedded environments. Java offers the rich user interface, performance, versatility, portability, and security that today's applications require.
Affected packages
=================
    -------------------------------------------------------------------
     Package                     /     Vulnerable     /      Unaffected
    -------------------------------------------------------------------
  1  dev-java/oracle-jdk-bin        < 1.8.0.202          >= 1.8.0.202
  2  dev-java/oracle-jre-bin        < 1.8.0.202          >= 1.8.0.202
    -------------------------------------------------------------------
     2 affected packages
Description
===========
Multiple vulnerabilities have been discovered in Oracle's JDK and JRE software suites. Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could possibly execute arbitrary code with the privileges of the process, gain access to information, or cause a Denial of Service condition.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Oracle JDK bin users should upgrade to the latest version:
  # emerge --sync
  # emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.8.0.202"
All Oracle JRE bin users should upgrade to the latest version:
  # emerge --sync
  # emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.8.0.202"
References
==========
[ 1 ] CVE-2018-2790 https://nvd.nist.gov/vuln/detail/CVE-2018-2790
[ 2 ] CVE-2018-2794 https://nvd.nist.gov/vuln/detail/CVE-2018-2794
[ 3 ] CVE-2018-2795 https://nvd.nist.gov/vuln/detail/CVE-2018-2795
[ 4 ] CVE-2018-2796 https://nvd.nist.gov/vuln/detail/CVE-2018-2796
[ 5 ] CVE-2018-2797 https://nvd.nist.gov/vuln/detail/CVE-2018-2797
[ 6 ] CVE-2018-2798 https://nvd.nist.gov/vuln/detail/CVE-2018-2798
[ 7 ] CVE-2018-2799 https://nvd.nist.gov/vuln/detail/CVE-2018-2799
[ 8 ] CVE-2018-2800 https://nvd.nist.gov/vuln/detail/CVE-2018-2800
[ 9 ] CVE-2018-2811 https://nvd.nist.gov/vuln/detail/CVE-2018-2811
[ 10 ] CVE-2018-2814 https://nvd.nist.gov/vuln/detail/CVE-2018-2814
[ 11 ] CVE-2018-2815 https://nvd.nist.gov/vuln/detail/CVE-2018-2815
[ 12 ] CVE-2019-2422 https://nvd.nist.gov/vuln/detail/CVE-2019-2422
[ 13 ] CVE-2019-2426 https://nvd.nist.gov/vuln/detail/CVE-2019-2426
Availability
============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201903-14
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
=======
Copyright 2019 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5
VAR-201805-0968 CVE-2018-3612 Intel NUC kit Input validation vulnerability CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
Intel NUC kits with insufficient input validation in system firmware, potentially allows a local attacker to elevate privileges to System Management Mode (SMM). Multiple Intel Products are prone to a local privilege-escalation vulnerability. Local attackers may exploit this issue to gain elevated privileges. Intel MKKBLY35.86A is a firmware used in Intel NUC products by Intel Corporation of the United States. An input validation error vulnerability exists in several Intel products due to the program's inadequate implementation of input validation. The following products and versions are affected: Intel MKKBLY35.86A; MKKBLi5v.86A; GKAPLCPX.86A; DNKBLi7v.86A; DNKBLi5v.86A; DNKBLi30.86A; 86A; MYBDWi5v.86A; MYBDWi30.86A; TYBYT10H.86A; FYBYT10H.86A; CCSKLm5v.86A;
VAR-201804-0906 CVE-2018-10070 MikroTik Vulnerable to resource exhaustion CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
A vulnerability in MikroTik Version 6.41.4 could allow an unauthenticated remote attacker to exhaust all available CPU and all available RAM by sending a crafted FTP request on port 21 that begins with many '\0' characters, preventing the affected router from accepting new FTP connections. The router will reboot after 10 minutes, logging a "router was rebooted without proper shutdown" message. MikroTik contains a resource exhaustion vulnerability. Service operation may be interrupted (DoS). MikroTik is a routing operating system based on the Linux kernel, developed by the Latvian company MikroTik. This system turns a PC into a professional router. A security vulnerability exists in MikroTik version 6.41.4.
VAR-201804-0877 CVE-2018-10108 D-Link DIR-815 REV. B Device cross-site scripting vulnerability CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have XSS in the Treturn parameter to /htdocs/webinc/js/bsc_sms_inbox.php. D-Link DIR-815 REV. B devices contain a cross-site scripting vulnerability. Information may be obtained or altered. D-Link DIR-815 REV. B is a wireless router product from D-Link. A cross-site scripting vulnerability exists in D-Link DIR-815 REV. B with DIR-815_REVB_FIRMWARE_PATCH_2.07.B01 and previous firmware. A remote attacker could exploit the vulnerability to obtain authentication cookies by sending a 'Treturn' parameter to the /htdocs/webinc/js/bsc_sms_inbox.php file.
VAR-201804-0876 CVE-2018-10107 D-Link DIR-815 REV. B Device cross-site scripting vulnerability CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have XSS in the RESULT parameter to /htdocs/webinc/js/info.php. D-Link DIR-815 REV. B devices contain a cross-site scripting vulnerability. Service operation may be interrupted (DoS). D-Link DIR-815 REV. B is a wireless router product from D-Link. A cross-site scripting vulnerability exists in D-Link DIR-815 REV. B with DIR-815_REVB_FIRMWARE_PATCH_2.07.B01 and previous firmware. A remote attacker could exploit the vulnerability to obtain authentication cookies by sending a 'RESULT' parameter to the /htdocs/webinc/js/info.php file.
VAR-201804-0875 CVE-2018-10106 D-Link DIR-815 REV. B Information disclosure vulnerability in devices CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have permission bypass and information disclosure in /htdocs/web/getcfg.php, as demonstrated by a /getcfg.php?a=%0a_POST_SERVICES%3DDEVICE.ACCOUNT%0aAUTHORIZED_GROUP%3D1 request. D-Link DIR-815 REV. B devices contain an information disclosure vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). D-Link DIR-815 REV. B is a wireless router product from D-Link. A security vulnerability exists in the /htdocs/web/getcfg.php file in D-Link DIR-815 REV. B using DIR-815_REVB_FIRMWARE_PATCH_2.07.B01 and previous firmware. An attacker could exploit the vulnerability to bypass permissions and obtain information.
VAR-201804-1732 No CVE Multiple Vulnerabilities in TVT DVR/NVR/IPC CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Shenzhen Tongwei Digital Technology Co., Ltd. (TVT) is a world-class provider of video security products and system solutions, covering R&D, production, sales and service. It provides competitive video security products and solutions to users in more than 120 countries and regions around the world. 1) TVT DVR/NVR/IPC has hard-coded Web management interface credentials, remote command execution on the Web management interface, a Base64-based authentication stack overflow, hard-coded telnet credentials, and TCP/4567 port information leakage and remote command execution vulnerabilities. An attacker can exploit these vulnerabilities to obtain hard-coded passwords; to insert arbitrary commands into the POST XML data and have them executed, which, combined with the hard-coded Web management interface credentials, allows unrestricted remote command execution; and, using the hard-coded credentials, to download from the TCP/4567 port the configuration file of the remote system, which contains the user name and password in plaintext. Sending a specially crafted base64 encoded XML packet (containing a 32-byte binary header) to the TCP/4567 port can result in unauthenticated remote command execution.
VAR-201804-1729 No CVE Jianda Renke 485 device has a logic design vulnerability CVSS V2: 2.1
CVSS V3: -
Severity: LOW
The RS485 Temperature and Humidity Recorder / Temperature and Humidity Controller is a transmitter widely used in communication rooms, warehouse buildings, and automatic control sites that require temperature and humidity monitoring. The input power, temperature measurement unit and signal output of the sensor are completely isolated. There is a flaw in the logic design of the Jianda Renke 485 device. An attacker can impersonate the 485 device and preemptively respond to the host's query command with counterfeit data.
VAR-201804-1264 CVE-2018-5508 F5 BIG-IP PEM Data processing vulnerability CVSS V2: 4.3
CVSS V3: 5.9
Severity: MEDIUM
On F5 BIG-IP PEM versions 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.5.1-11.5.5, or 11.2.1, under certain conditions, TMM may crash when processing compressed data through a Virtual Server with an associated PEM profile using the content insertion option. F5 BIG-IP PEM contains a data processing vulnerability. Service operation may be interrupted (DoS). F5 BIG-IP is an all-in-one network device that integrates network traffic management, application security management, load balancing and other functions. PEM is one of the policy execution managers. A security vulnerability exists in F5 BIG-IP PEM. An attacker could exploit the vulnerability to cause a denial of service (Traffic Management Microkernel crash). The following versions are affected: F5 BIG-IP PEM version 13.0.0, version 12.0.0 to version 12.1.3.1, version 11.6.0 to version 11.6.2, version 11.5.1 to version 11.5.5, version 11.2.1.
VAR-201804-0903 CVE-2018-10066 MikroTik RouterOS Vulnerabilities related to certificate validation CVSS V2: 6.8
CVSS V3: 8.1
Severity: HIGH
An issue was discovered in MikroTik RouterOS 6.41.4. Missing OpenVPN server certificate verification allows a remote unauthenticated attacker capable of intercepting client traffic to act as a malicious OpenVPN server. This may allow the attacker to gain access to the client's internal network (for example, at site-to-site tunnels). MikroTik RouterOS contains a certificate validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). MikroTik RouterOS is a routing operating system based on the Linux kernel, developed by the Latvian company MikroTik. This system turns a PC into a professional router. The security vulnerability in MikroTik RouterOS version 6.41.4 is caused by the program's lack of verification of the OpenVPN server certificate.
VAR-201804-1263 CVE-2018-5507 F5 BIG-IP Cryptographic vulnerability CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
On F5 BIG-IP versions 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.2, or 11.5.1-11.5.5, vCMP guests running on VIPRION 2100, 4200 and 4300 series blades cannot correctly decrypt ciphertext from established SSL sessions with small MTU. F5 BIG-IP contains a cryptographic vulnerability. Information may be obtained. F5 BIG-IP LTM and the other affected products are products of F5, a US company. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. An attacker could exploit the vulnerability to cause a denial of service (SSL disconnection). The following products and versions are affected: F5 BIG-IP LTM 13.0.0, 12.1.0 to 12.1.3.1, 11.6.1 to 11.6.2, 11.5.1 to 11.5.5; BIG-IP AAM 13.0.0, 12.1.0 to 12.1.3.1, 11.6.1 to 11.6.2, 11.5.1 to 11.5.5; BIG-IP AFM 13.0.0, 12.1.0 to 12.1.3.1, 11.6.1 to 11.6.2, 11.5.1 to 11.5.5; BIG-IP Analytics 13.0.0, 12.1.0 to 12.1.3.1, 11.6.1 to 11.6.2, 11.5.1 to 11.5.5; BIG-IP APM 13.0.0, 12.1.0 to 12.1.3.1, 11.6.1 to 11.6.2, 11.5.1 to 11.5.5; BIG-IP ASM 13.0.0, 12.1.0 to 12.1.3.1, 11.6.1 to 11.6.2, 11.5.1 to 11.5.5; BIG-IP DNS 13.0.0, 12.1.0 to 12.1.3.1, 11.6.1 to 11.6.2, 11.5.1 to 11.5.5; BIG-IP Edge Gateway 13.0.0, 12.1.0 to 12.1.3.1, 11.6.1 to 11.6.2, 11.5.1 to 11.5.5; BIG-IP GTM 13.0.0, 12.1.0 to 12.1.3.1, 11.6.1 to 11
VAR-201804-0511 CVE-2017-6158 plural F5 BIG-IP Data processing vulnerabilities in products CVSS V2: 6.4
CVSS V3: 6.5
Severity: MEDIUM
In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM related to handling of invalid IP addresses. Multiple F5 BIG-IP products contain data processing vulnerabilities. Information may be tampered with and service operation may be disrupted (DoS). F5 BIG-IP LTM and the other affected products are all products of F5, a US company. LTM is a local traffic manager; APM is a solution that provides secure unified access to business-critical applications and networks. Traffic Management Microkernel (TMM) is one of the service processes that performs traffic management. A security vulnerability exists in TMM in several F5 products. An attacker could exploit this vulnerability to cause the TMM to reboot or cause the BIG-IP system to fail over to a peer device. The following products and versions are affected: F5 BIG-IP LTM 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP AAM 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP AFM 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP Analytics 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP APM 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP ASM 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP DNS 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP Edge Gateway 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP GTM 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.5
VAR-201804-1266 CVE-2018-5511 F5 BIG-IP Vulnerabilities in access control CVSS V2: 6.5
CVSS V3: 7.2
Severity: HIGH
On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced. F5 BIG-IP contains an access control vulnerability. Information may be acquired or falsified, and a denial of service (DoS) may result. F5 BIG-IP LTM and the other affected products are products of F5, a US company. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. An attacker could exploit this vulnerability to increase privileges. The following products and versions are affected: F5 BIG-IP LTM 13.1.0, 13.0.0; F5 BIG-IP AAM 13.1.0, 13.0.0; F5 BIG-IP AFM 13.1.0, 13.0.0; F5 BIG-IP Analytics 13.1.0, 13.0.0; F5 BIG-IP APM 13.1.0, 13.0.0; F5 BIG-IP ASM 13.1.0, 13.0.0; F5 BIG-IP DNS 13.1.0, 13.0.0; F5 BIG-IP Edge Gateway 13.1.0, 13.0.0; F5 BIG-IP GTM 13.1.0, 13.0.0; F5 BIG-IP Link Controller 13.1.0, 13.0.0; F5 BIG-IP PEM 13.1.0, 13.0.0; F5 BIG-IP WebAccelerator 13.1.0, 13.0.0; F5 BIG-IP WebSafe 13.1.0, 13.0.0; F5 BIG-IP Enterprise Manager version 3.1.1
VAR-201804-0510 CVE-2017-6156 plural F5 BIG-IP Access control vulnerabilities in products CVSS V2: 6.0
CVSS V3: 6.4
Severity: MEDIUM
When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured with a wildcard IPSec tunnel endpoint, it may allow a remote attacker to disrupt or impersonate the tunnels that have completed phase 1 IPSec negotiations. The attacker must possess the necessary credentials to negotiate phase 1 of the IPSec exchange to exploit this vulnerability; in many environments this limits the attack surface to other endpoints under the same administration. Multiple F5 BIG-IP products contain an access control vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). F5 BIG-IP LTM and the other affected products are products of F5, a US company. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. There are security vulnerabilities in several F5 products. The following products and versions are affected: F5 BIG-IP LTM 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP AAM 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP AFM 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP Analytics 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP APM 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP ASM 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP DNS 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP Edge Gateway 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP GTM 12.1.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP Link Controller 12
VAR-201804-1267 CVE-2018-5506 F5 BIG-IP Product Apache module Vulnerabilities related to certificate and password management CVSS V2: 5.0
CVSS V3: 9.8
Severity: CRITICAL
In F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.1, 11.5.1-11.5.5, or 11.2.1 the Apache modules apache_auth_token_mod and mod_auth_f5_auth_token.cpp allow possible unauthenticated bruteforce on the em_server_ip authorization parameter to determine which SSL client certificates are used for mutual authentication between BIG-IQ or Enterprise Manager (EM) and managed BIG-IP devices. The Apache modules of F5 BIG-IP products contain vulnerabilities related to certificate and password management. Information may be obtained or altered, and service operation may be disrupted (DoS). F5 BIG-IP LTM and the other affected products are products of F5, a US company. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. Both apache_auth_token_mod and mod_auth_f5_auth_token.cpp are modules in it. apache_auth_token_mod is an anti-hotlinking module. mod_auth_f5_auth_token.cpp is an authentication module. There are security vulnerabilities in the apache_auth_token_mod and mod_auth_f5_auth_token.cpp Apache modules in several F5 products. The following products and versions are affected: F5 BIG-IP LTM 13.0.0, 12.1.0 to 12.1.2, 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP AAM 13.0.0, 12.1.0 to 12.1.2, 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP AFM 13.0.0, 12.1.0 to 12.1.2, 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP Analytics 13.0.0, 12.1.0 to 12.1.2, 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP APM 13.0.0, 12.1.0 to 12.1.2, 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP ASM 13.0.0, 12.1.0 to 12.1.2, 11.6.1, 11.5.1 to 11.5.5, 11.2.1; BIG-IP DNS 13.0.0, 12.1.0 to 12.1.2, 11
VAR-201804-0509 CVE-2017-6155 plural F5 BIG-IP Data processing vulnerabilities in products CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or 11.2.1, malformed SPDY or HTTP/2 requests may result in a disruption of service to TMM. Data plane is only exposed when a SPDY or HTTP/2 profile is attached to a virtual server. There is no control plane exposure. Multiple F5 BIG-IP products contain data processing vulnerabilities. Service operation may be interrupted (DoS). F5 BIG-IP LTM and the other affected products are products of F5, a US company. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. There are security vulnerabilities in several F5 products. An attacker could exploit the vulnerability by sending a malformed SPDY or HTTP/2 request to cause a denial of service. The following products and versions are affected: F5 BIG-IP LTM 13.0.0, 12.0.0 to 12.1.3.1, 11.6.0 to 11.6.2, 11.4.1 to 11.5.5, 11.2.1; BIG-IP AAM 13.0.0, 12.0.0 to 12.1.3.1, 11.6.0 to 11.6.2, 11.4.1 to 11.5.5, 11.2.1; BIG-IP AFM 13.0.0, 12.0.0 to 12.1.3.1, 11.6.0 to 11.6.2, 11.4.1 to 11.5.5, 11.2.1; BIG-IP APM 13.0.0, 12.0.0 to 12.1.3.1, 11.6.0 to 11.6.2, 11.4.1 to 11.5.5, 11.2.1; BIG-IP ASM 13.0.0, 12.0.0 to 12.1.3.1, 11.6.0 to 11.6.2, 11.4.1 to 11.5.5, 11.2.1; BIG-IP Edge Gateway 13.0.0, 12.0.0 to 12.1.3.1, 11.6.0 to 11.6.2, 11.4.1 to 11.5.5, 11.2.1; BIG-IP Link Controller 13.0.0, 12.0.0 to 12.1.3.1, 11.6.0 to 11.6.2, 11.4.1 to 11.5.5, 11.2.1; BIG-IP PEM 13.0.0, 12.0.0 to 12.1.3.1, 11.6.0 to 11.6.2, 11.4.1 to 11.5.5, 11.2.1; BIG-IP PSM 13.0