Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 access policy manager clients vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2023-43124
BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 17.1.0
F5 Big-ip Access Policy Manager 13.1.5.1
F5 Big-ip Access Policy Manager Client
8.2
CVSSv3
CVE-2023-43125
BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 17.1.0
F5 Big-ip Access Policy Manager 13.1.5.1
F5 Big-ip Access Policy Manager Client
7.8
CVSSv3
CVE-2023-38418
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-ip Access Policy Manager
F5 Access Policy Manager Clients
7.8
CVSSv3
CVE-2022-29263
On F5 BIG-IP APM 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions before 7.2.1.5, the BIG-IP Edge Client Component...
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 11.6.1
F5 Big-ip Access Policy Manager 13.1.0
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Access Policy Manager 15.1.0
F5 Big-ip Access Policy Manager 14.1.4
F5 Big-ip Access Policy Manager 16.1.0
F5 Big-ip Access Policy Manager 17.0.0
F5 Big-ip Access Policy Manager 11.6.3
F5 Big-ip Access Policy Manager 11.6.4
F5 Big-ip Access Policy Manager 11.6.5
F5 Big-ip Access Policy Manager 12.1.3
F5 Big-ip Access Policy Manager 12.1.4
F5 Big-ip Access Policy Manager 12.1.5
F5 Big-ip Access Policy Manager 12.1.6
F5 Big-ip Access Policy Manager 13.1.1
F5 Big-ip Access Policy Manager 13.1.3
F5 Big-ip Access Policy Manager 13.1.4
F5 Big-ip Access Policy Manager 13.1.5
F5 Big-ip Access Policy Manager 14.1.2
7.8
CVSSv3
CVE-2022-28714
On F5 BIG-IP APM 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions before 7.2.1.5, a DLL Hijacking vulnerability ex...
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 11.6.1
F5 Big-ip Access Policy Manager 13.1.0
F5 Big-ip Access Policy Manager Client 7.1.7
F5 Big-ip Access Policy Manager Client 7.1.6
F5 Big-ip Access Policy Manager Client 7.1.6.1
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Access Policy Manager 15.1.0
F5 Big-ip Access Policy Manager 12.1.4
F5 Big-ip Access Policy Manager 12.1.5
F5 Big-ip Access Policy Manager 12.1.6
F5 Big-ip Access Policy Manager 13.1.1
F5 Big-ip Access Policy Manager 13.1.3
F5 Big-ip Access Policy Manager 13.1.4
F5 Big-ip Access Policy Manager 13.1.5
F5 Big-ip Access Policy Manager 14.1.2
F5 Big-ip Access Policy Manager 14.1.3
F5 Big-ip Access Policy Manager 14.1.4
F5 Big-ip Access Policy Manager 15.1.1
F5 Big-ip Access Policy Manager 15.1.2
7.5
CVSSv3
CVE-2021-22999
On versions 15.0.x prior to 15.1.0 and 14.1.x prior to 14.1.4, the BIG-IP system provides an option to connect HTTP/2 clients to HTTP/1.x servers. When a client is slow to accept responses and it closes a connection prematurely, the BIG-IP system may indefinitely retain some stre...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Ssl Orchestrator
4.5
CVSSv3
CVE-2021-23002
When using BIG-IP APM 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, or all 12.1.x and 11.6.x versions or Edge Client versions 7.2.1.x prior to 7.2.1.1, 7.1.9.x prior to 7.1.9.8, or 7.1.8.x prior to 7.1.8.5, the session ID is...
F5 Access Policy Manager Clients
F5 Big-ip Access Policy Manager
7.8
CVSSv3
CVE-2021-22980
In Edge Client version 7.2.x prior to 7.2.1.1, 7.1.9.x prior to 7.1.9.8, and 7.1.x-7.1.8.x prior to 7.1.8.5, an untrusted search path vulnerability in the BIG-IP APM Client Troubleshooting Utility (CTU) for Windows could allow an malicious user to load a malicious DLL library fro...
F5 Access Policy Manager Clients
F5 Big-ip Access Policy Manager
7.5
CVSSv3
CVE-2018-5743
By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit...
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 15.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 15.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 15.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 15.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 15.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 15.0.0
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 15.0.0
F5 Big-ip Fraud Protection Service
F5 Big-ip Fraud Protection Service 15.0.0
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 15.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 15.0.0
F5 Big-ip Webaccelerator
F5 Big-ip Webaccelerator 15.0.0
3 Github repositories
7.5
CVSSv3
CVE-2019-6656
BIG-IP APM Edge Client before version 7.1.8 (7180.2019.508.705) logs the full apm session ID in the log files. Vulnerable versions of the client are bundled with BIG-IP APM versions 15.0.0-15.0.1, 14,1.0-14.1.0.6, 14.0.0-14.0.0.4, 13.0.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5...
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »