Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

big-ip apm vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv2
CVE-2017-6168
On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) ...
F5 Big-ip LtmF5 Big-ip Ltm 13.0.0F5 Big-ip Application Acceleration Manager 13.0.0F5 Big-ip Application Acceleration ManagerF5 Big-ip AfmF5 Big-ip Afm 13.0.0F5 Big-ip Analytics 13.0.0F5 Big-ip AnalyticsF5 Big-ip ApmF5 Big-ip Apm 13.0.0F5 Big-ip AsmF5 Big-ip Asm 13.0.0F5 Big-ip Link ControllerF5 Big-ip Link Controller 13.0.0F5 Big-ip Pem 13.0.0F5 Big-ip PemF5 Websafe 13.0.0F5 WebsafeF5 Websafe 11.6.2
4.3
CVSSv2
CVE-2017-6166
In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel (TMM) may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server configured ...
F5 Big-ip ApmF5 Big-ip AnalyticsF5 Big-ip PemF5 Big-ip Link ControllerF5 Big-ip LtmF5 LinerateF5 F5 WebsafeF5 Big-ip AfmF5 Big-ip Application Acceleration ManagerF5 Big-ip DnsF5 Big-ip Asm
5
CVSSv2
CVE-2017-6138
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, re...
F5 Big-ip Local Traffic Manager 13.0.0F5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 13.0.0F5 Big-ip Advanced Firewall Manager 13.0.0F5 Big-ip Advanced Firewall ManagerF5 Big-ip Analytics 13.0.0F5 Big-ip AnalyticsF5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager 13.0.0F5 Big-ip Application Security Manager 13.0.0F5 Big-ip Application Security ManagerF5 Big-ip Dns 13.0.0F5 Big-ip DnsF5 Big-ip Global Traffic Manager 13.0.0F5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Link Controller 13.0.0F5 Big-ip Policy Enforcement Manager 13.0.0F5 Big-ip Policy Enforcement ManagerF5 Big-ip Websafe 13.0.0F5 Big-ip Websafe
7.8
CVSSv2
CVE-2017-6133
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, undisclosed HTTP requests may cause a denial of service.
F5 Big-ip Local Traffic Manager 13.0.0F5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 13.0.0F5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Firewall Manager 13.0.0F5 Big-ip Analytics 13.0.0F5 Big-ip AnalyticsF5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager 13.0.0F5 Big-ip Application Security ManagerF5 Big-ip Application Security Manager 13.0.0F5 Big-ip DnsF5 Big-ip Dns 13.0.0F5 Big-ip Link ControllerF5 Big-ip Link Controller 13.0.0F5 Big-ip Policy Enforcement ManagerF5 Big-ip Policy Enforcement Manager 13.0.0F5 Big-ip WebsafeF5 Big-ip Websafe 13.0.0
7.5
CVSSv2
CVE-2012-3000
Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x prior to 11.2.0-HF3 and 11.2.x prior to 11...
F5 Big-ip Webaccelerator 11.2.0F5 Big-ip Webaccelerator 11.2.1F5 Big-ip Webaccelerator 11.0.0F5 Big-ip Webaccelerator 11.1.0F5 Big-ip Global Traffic Manager 11.1.0F5 Big-ip Global Traffic Manager 11.0.0F5 Big-ip Global Traffic Manager 11.2.1F5 Big-ip Global Traffic Manager 11.2.0F5 Big-ip Local Traffic Manager 11.1.0F5 Big-ip Local Traffic Manager 11.0.0F5 Big-ip Local Traffic Manager 11.2.0F5 Big-ip Local Traffic Manager 11.2.1F5 Big-ip Protocol Security Module 11.0.0F5 Big-ip Protocol Security Module 11.1.0F5 Big-ip Protocol Security Module 11.2.0F5 Big-ip Protocol Security Module 11.2.1F5 Big-ip Wan Optimization Manager 11.0.0F5 Big-ip Wan Optimization Manager 11.2.0F5 Big-ip Wan Optimization Manager 11.2.1F5 Big-ip Wan Optimization Manager 11.1.0F5 Big-ip Link Controller 11.2.1F5 Big-ip Link Controller 11.1.0
9.3
CVSSv2
CVE-2013-0150
Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 up to and including 10.2.4 and 11.0.0 up to and including 11.3.0, FirePass 6.0.0 up to and including 6.1.0 and 7.0.0, and other products "when APM is ...
F5 Big-ip Advanced Firewall Manager 11.3.0F5 Big-ip Policy Enforcement Manager 11.3.0F5 Firepass 7.0.0F5 Big-ip Access Policy ManagerF5 Big-ip Edge GatewayF5 Big-ip WebacceleratorF5 Big-ip Wan Optimization ManagerF5 FirepassF5 Big-ip Link ControllerF5 Big-ip Global Traffic ManagerF5 Big-ip Protocol Security ModuleF5 Big-ip Local Traffic ManagerF5 Big-ip Application Security ManagerF5 Big-ip Analytics
8.5
CVSSv2
CVE-2017-6167
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, race conditions in iControl REST may lead to commands being executed with different privilege levels than expected.
F5 Big-ip Local Traffic Manager 13.0.0F5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 13.0.0F5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Firewall Manager 13.0.0F5 Big-ip Analytics 13.0.0F5 Big-ip AnalyticsF5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager 13.0.0F5 Big-ip Application Security ManagerF5 Big-ip Application Security Manager 13.0.0F5 Big-ip DnsF5 Big-ip Dns 13.0.0F5 Big-ip Link Controller 13.0.0F5 Big-ip Link ControllerF5 Big-ip Policy Enforcement ManagerF5 Big-ip Policy Enforcement Manager 13.0.0F5 Big-ip WebsafeF5 Big-ip Websafe 13.0.0
5
CVSSv2
CVE-2022-27181
On F5 BIG-IP APM 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, when APM is configured on a virtual server and the associated access profile is configured wit...
F5 Big-ip Access Policy Manager 13.1.0F5 Big-ip Access Policy Manager 14.1.0F5 Big-ip Access Policy Manager 15.1.0F5 Big-ip Access Policy Manager 14.1.4F5 Big-ip Access Policy Manager 16.1.0F5 Big-ip Access Policy Manager 16.1.2F5 Big-ip Access Policy Manager 16.1.1F5 Big-ip Access Policy Manager 15.1.5F5 Big-ip Access Policy Manager 15.1.4F5 Big-ip Access Policy Manager 15.1.3F5 Big-ip Access Policy Manager 13.1.1F5 Big-ip Access Policy Manager 13.1.3F5 Big-ip Access Policy Manager 13.1.4F5 Big-ip Access Policy Manager 13.1.5F5 Big-ip Access Policy Manager 14.1.2F5 Big-ip Access Policy Manager 14.1.3F5 Big-ip Access Policy Manager 15.1.1F5 Big-ip Access Policy Manager 15.1.2
5
CVSSv2
CVE-2022-26890
On F5 BIG-IP Advanced WAF, ASM, and APM 16.1.x versions before 16.1.2.1, 15.1.x versions before 15.1.5, 14.1.x versions before 14.1.4.6, and 13.1.x versions before 13.1.5, when ASM or Advanced WAF, as well as APM, are configured on a virtual server, the ASM policy is configured w...
F5 Big-ip Access Policy Manager 13.1.0F5 Big-ip Application Security Manager 13.1.0F5 Big-ip Access Policy Manager 14.1.0F5 Big-ip Application Security Manager 14.1.0F5 Big-ip Application Security Manager 15.1.0F5 Big-ip Access Policy Manager 15.1.0F5 Big-ip Advanced Web Application Firewall 15.1.0F5 Big-ip Access Policy Manager 14.1.4F5 Big-ip Advanced Web Application Firewall 14.1.4F5 Big-ip Application Security Manager 14.1.4F5 Big-ip Access Policy Manager 13.1.1F5 Big-ip Access Policy Manager 13.1.3F5 Big-ip Access Policy Manager 13.1.4F5 Big-ip Access Policy Manager 13.1.5F5 Big-ip Access Policy Manager 14.1.2F5 Big-ip Access Policy Manager 14.1.3F5 Big-ip Access Policy Manager 15.1.1F5 Big-ip Access Policy Manager 15.1.2F5 Big-ip Access Policy Manager 15.1.3F5 Big-ip Access Policy Manager 15.1.4F5 Big-ip Access Policy Manager 15.1.5F5 Big-ip Access Policy Manager 16.1.0
3.3
CVSSv2
CVE-2017-6134
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, 12.1.0 - 12.1.2 and 11.5.1 - 11.6.1, an undisclosed sequence of packets, sourced from an adjacent network may cause TMM to crash.
F5 Big-ip Local Traffic ManagerF5 Big-ip Local Traffic Manager 13.0.0F5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 13.0.0F5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Firewall Manager 13.0.0F5 Big-ip AnalyticsF5 Big-ip Analytics 13.0.0F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager 13.0.0F5 Big-ip Application Security ManagerF5 Big-ip Application Security Manager 13.0.0F5 Big-ip Dns 13.0.0F5 Big-ip DnsF5 Big-ip Global Traffic Manager 13.0.0F5 Big-ip Global Traffic ManagerF5 Big-ip Link Controller 13.0.0F5 Big-ip Link ControllerF5 Big-ip Policy Enforcement ManagerF5 Big-ip Policy Enforcement Manager 13.0.0F5 Big-ip Websafe 13.0.0F5 Big-ip Websafe
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook