Big Ip Service Proxy F5 Networks Big Ip Service Proxy

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in F5 Networks Big Ip Service Proxy.

By the Year

In 2025 there have been 0 vulnerabilities in F5 Networks Big Ip Service Proxy. Big Ip Service Proxy did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2025 0 0.00
2024 0 0.00
2023 2 7.50
2022 0 0.00
2021 1 7.50
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Big Ip Service Proxy vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent F5 Networks Big Ip Service Proxy Security Vulnerabilities

On BIG-IP Virtual Edition versions 15.1x beginning in 15.1.4 to before 15.1.8 and 14.1.x beginning in 14.1.5 to before 14.1.5.3, and BIG-IP SPK beginning in 1.5.0 to before 1.6.0, when FastL4 profile is configured on a virtual server, undisclosed traffic

CVE-2023-23555 7.5 - High - February 01, 2023

On BIG-IP Virtual Edition versions 15.1x beginning in 15.1.4 to before 15.1.8 and 14.1.x beginning in 14.1.5 to before 14.1.5.3, and BIG-IP SPK beginning in 1.5.0 to before 1.6.0, when FastL4 profile is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Improper Initialization

On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, and BIG-IP SPK starting in version 1.6.0, when a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, undisclosed requests

CVE-2023-22664 7.5 - High - February 01, 2023

On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, and BIG-IP SPK starting in version 1.6.0, when a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Resource Exhaustion

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers

CVE-2002-20001 7.5 - High - November 11, 2021

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.

Resource Exhaustion

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for F5 Networks Traffix Signaling Delivery Controller or by F5 Networks? Click the Watch button to subscribe.

F5 Networks
Vendor

subscribe