F5 ARX 6.0.0

CPE Details

F5 ARX 6.0.0
f5
arx
6.0.0
2014-12-10
16h51 +00:00
2015-01-07
15h16 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:f5:arx:6.0.0:*:*:*:*:*:*:*

Informations

Vendor

f5

Product

arx

Version

6.0.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2013-3587 2020-02-21 16h11 +00:00 The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack, a different issue than CVE-2012-4929.
5.9
Medium
CVE-2014-2927 2014-10-15 12h00 +00:00 The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address.
9.3
CVE-2011-3188 2012-05-24 21h00 +00:00 The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.
9.1
Critical