cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-41164,https://securityvulnerability.io/vulnerability/CVE-2024-41164,Traffic Termination Due to Unforeseen Circumstances in Virtual Servers,"A configuration fault exists in F5 Networks' Virtual Server when Multipath TCP (MPTCP) is enabled. Undisclosed traffic, along with specific conditions outside the attacker's control, can lead to an unexpected termination of the Traffic Management Microkernel (TMM). This vulnerability highlights the need for diligent monitoring and management of MPTCP settings to prevent potential disruptions and maintain service integrity.",F5,"Big-ip,Big-ip Next Cnf,Big-ip Next Spk",7.5,HIGH,0.0004600000102072954,false,false,false,false,,false,false,2024-08-14T14:32:31.623Z,0
CVE-2024-23306,https://securityvulnerability.io/vulnerability/CVE-2024-23306,Undisclosed Sensitive Files Vulnerability in BIG-IP Next CNF and SPK Systems,"
A vulnerability exists in BIG-IP Next CNF and SPK systems that may allow access to undisclosed sensitive files.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated",F5,"BIG-IP Next SPK,BIG-IP Next CNF",4.4,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-02-14T16:30:23.515Z,0
CVE-2024-23314,https://securityvulnerability.io/vulnerability/CVE-2024-23314,Undisclosed Responses in HTTP/2 Configured BIG-IP Systems Can Cause TMM Termination,"A vulnerability impacting F5 Networks' BIG-IP and BIG-IP Next systems arises when HTTP/2 is configured. This can lead to undefined responses causing the Traffic Management Microkernel (TMM) to unexpectedly terminate. It is essential for organizations using these platforms to evaluate their configurations and apply necessary patches to prevent system disruptions, particularly for software versions that are still under support.",F5,"Big-ip,Big-ip Next Spk",7.5,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-02-14T16:30:23.152Z,0
CVE-2023-40534,https://securityvulnerability.io/vulnerability/CVE-2023-40534,BIG-IP HTTP/2 vulnerability,"A vulnerability exists in F5 BIG-IP when a client's HTTP/2 profile and HTTP MRF Router option are enabled on a virtual server. If an iRule configured with the HTTP_REQUEST event or a Local Traffic Policy is associated with this virtual server, certain undisclosed requests may lead to the termination of the Traffic Management Microkernel (TMM). This issue emphasizes the need for vigilant monitoring and management of configurations to prevent service interruptions.",F5,"Big-ip,Big-ip Next Spk",7.5,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2023-10-10T13:15:00.000Z,0
CVE-2023-45226,https://securityvulnerability.io/vulnerability/CVE-2023-45226,BIG-IP Next SPK SSH vulnerability,"The Traffic Management Module (TMM) in F5 BIG-IP products has been found to contain hardcoded credentials within the f5-debug-sidecar and f5-debug-sshd containers. This security flaw allows an attacker who can intercept traffic to impersonate the SPK Secure Shell (SSH) server, posing significant risks when SSH debugging is enabled. Organizations using affected software versions should review their configurations to mitigate potential exploitation of this vulnerability, especially for versions that have not reached End of Technical Support.",F5,Big-ip Next Spk,7.4,HIGH,0.0013699999544769526,false,false,false,false,,false,false,2023-10-10T13:15:00.000Z,0