CVE-2020-27724

MEDIUM Year: 2020
CVSS v3 Score
6.5
Medium
CVSS v2 Score
4.0
Medium
Weakness Type
CWE-400
View all →

Vulnerability Description

In BIG-IP APM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, on systems running more than one TMM instance, authenticated VPN users may consume excessive resources by sending specially-crafted malicious traffic over the tunnel.

Related Vulnerabilities

CVE-2006-6017

MEDIUM
CVSS:6.5(Medium)

WordPress before 2.0.5 does not properly store a profile containing a string representation of a serialized object, which allows remote authenticated users to cause a denial of service (application cr...

CWE-4002006

CVE-2011-1459

MEDIUM
CVSS:6.5(Medium)

The WebKit::WebPluginContainerImpl::handleEvent function in Google Chrome before Blink M11 allows an attacker to cause a denial of service (crash) via the htmlpluginelement.cpp plugin.

CWE-4002011

CVE-2012-0260

MEDIUM
CVSS:6.5(Medium)

The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of res...

CWE-4002012

CVE-2012-4863

MEDIUM
CVSS:6.5(Medium)

IBM WebSphere MQ 7.1 and 7.5: Queue manager has a DoS vulnerability

CWE-4002012

CVE-2014-3672

MEDIUM
CVSS:6.5(Medium)

The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr.

CWE-4002014

CVE-2014-7813

MEDIUM
CVSS:6.5(Medium)

Red Hat CloudForms 3 Management Engine (CFME) allows remote authenticated users to cause a denial of service (resource consumption) via vectors involving calls to the .to_sym rails function and lack o...

CWE-4002014