Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

f5 big-ip access policy manager 11.2.1 vulnerabilities and exploits

(subscribe to this query)
356
VMScore
CVE-2016-3687
Open redirect vulnerability in F5 BIG-IP APM 11.2.1, 11.4.x, 11.5.x, and 11.6.x prior to 11.6.0 HF6 and Edge Gateway 11.2.1, when using multi-domain single sign-on (SSO), allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a bas...
F5 Big-ip Access Policy Manager 11.5.4F5 Big-ip Access Policy Manager 11.5.3F5 Big-ip Access Policy Manager 11.5.2F5 Big-ip Access Policy Manager 11.5.1F5 Big-ip Access Policy Manager 11.6.0F5 Big-ip Access Policy Manager 11.5.0F5 Big-ip Access Policy Manager 11.4.0F5 Big-ip Access Policy Manager 11.4.1F5 Big-ip Access Policy Manager 11.2.1F5 Big-ip Edge Gateway 11.2.1
383
VMScore
CVE-2013-5975
The access policy logon page (logon.inc) in F5 BIG-IP APM 11.1.0 up to and including 11.2.1 allows remote malicious users to conduct clickjacking attacks via unspecified vectors.
F5 Big-ip Access Policy Manager 11.2.1F5 Big-ip Access Policy Manager 11.1.0F5 Big-ip Access Policy Manager 11.2.0
890
VMScore
CVE-2015-8098
F5 BIG-IP APM 11.4.1 prior to 11.4.1 HF9, 11.5.x prior to 11.5.3, and 11.6.0 prior to 11.6.0 HF4 allow remote malicious users to cause a denial of service or execute arbitrary code via unspecified vectors related to processing a Citrix Remote Desktop connection through a virtual ...
F5 Big-ip Access Policy Manager 11.5.1F5 Big-ip Access Policy Manager 11.6.0F5 Big-ip Access Policy Manager 11.2.0F5 Big-ip Access Policy Manager 11.2.1F5 Big-ip Access Policy Manager 11.4.0F5 Big-ip Access Policy Manager 11.3.0F5 Big-ip Access Policy Manager 11.5.0
383
VMScore
CVE-2016-3686
The Single Sign-On (SSO) feature in F5 BIG-IP APM 11.x prior to 11.6.0 HF6 and BIG-IP Edge Gateway 11.0.0 up to and including 11.3.0 might allow remote malicious users to obtain sensitive SessionId information by leveraging access to the Location HTTP header in a redirect.
F5 Big-ip Edge Gateway 11.3.0F5 Big-ip Edge Gateway 11.2.1F5 Big-ip Edge Gateway 11.2.0F5 Big-ip Edge Gateway 11.1.0F5 Big-ip Edge Gateway 11.0.0F5 Big-ip Access Policy Manager 11.5.4F5 Big-ip Access Policy Manager 11.5.3F5 Big-ip Access Policy Manager 11.4.0F5 Big-ip Access Policy Manager 11.2.1F5 Big-ip Access Policy Manager 11.6.0F5 Big-ip Access Policy Manager 11.3.0F5 Big-ip Access Policy Manager 11.2.0F5 Big-ip Access Policy Manager 11.1.0F5 Big-ip Access Policy Manager 11.0.0F5 Big-ip Access Policy Manager 11.5.2F5 Big-ip Access Policy Manager 11.5.1F5 Big-ip Access Policy Manager 11.5.0F5 Big-ip Access Policy Manager 11.4.1
383
VMScore
CVE-2018-5521
On F5 BIG-IP 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, carefully crafted URLs can be used to reflect arbitrary content into GeoIP lookup responses, potentially exposing clients to XSS.
F5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 11.2.1F5 Big-ip Local Traffic ManagerF5 Big-ip Local Traffic Manager 11.2.1F5 Big-ip Advanced Firewall Manager 11.2.1F5 Big-ip Advanced Firewall ManagerF5 Big-ip Analytics 11.2.1F5 Big-ip AnalyticsF5 Big-ip Access Policy Manager 11.2.1F5 Big-ip Access Policy ManagerF5 Big-ip Application Security ManagerF5 Big-ip Application Security Manager 11.2.1F5 Big-ip Domain Name SystemF5 Big-ip Domain Name System 11.2.1F5 Big-ip Edge Gateway 11.2.1F5 Big-ip Edge GatewayF5 Big-ip Global Traffic Manager 11.2.1F5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Link Controller 11.2.1F5 Big-ip Policy Enforcement ManagerF5 Big-ip Policy Enforcement Manager 11.2.1
570
VMScore
CVE-2017-6158
In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM related to handling of invalid IP addresses.
F5 Big-ip Local Traffic Manager 11.2.1F5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 11.2.1F5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Firewall Manager 11.2.1F5 Big-ip AnalyticsF5 Big-ip Analytics 11.2.1F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager 11.2.1F5 Big-ip Application Security Manager 11.2.1F5 Big-ip Application Security ManagerF5 Big-ip Edge GatewayF5 Big-ip Edge Gateway 11.2.1F5 Big-ip Global Traffic ManagerF5 Big-ip Global Traffic Manager 11.2.1F5 Big-ip Link ControllerF5 Big-ip Link Controller 11.2.1F5 Big-ip Policy Enforcement ManagerF5 Big-ip Policy Enforcement Manager 11.2.1F5 Big-ip Webaccelerator 11.2.1F5 Big-ip Webaccelerator
383
VMScore
CVE-2018-5501
In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, any 11.6.x or 11.5.x release, or 11.2.1, TCP DNS profile allows excessive buffering due to lack of flow control.
F5 Big-ip Local Traffic ManagerF5 Big-ip Local Traffic Manager 11.2.1F5 Big-ip Local Traffic Manager 13.0.0F5 Big-ip Application Acceleration Manager 11.2.1F5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 13.0.0F5 Big-ip Advanced Firewall Manager 11.2.1F5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Firewall Manager 13.0.0F5 Big-ip Analytics 13.0.0F5 Big-ip AnalyticsF5 Big-ip Analytics 11.2.1F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager 11.2.1F5 Big-ip Access Policy Manager 13.0.0F5 Big-ip Application Security Manager 11.2.1F5 Big-ip Application Security ManagerF5 Big-ip Application Security Manager 13.0.0F5 Big-ip DnsF5 Big-ip Dns 13.0.0F5 Big-ip Dns 11.2.1F5 Big-ip Link Controller 11.2.1
445
VMScore
CVE-2017-6155
On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or 11.2.1, malformed SPDY or HTTP/2 requests may result in a disruption of service to TMM. Data plane is only exposed when a SPDY or HTTP/2 profile is attached to a virtual server. There is no control plane expos...
F5 Big-ip Local Traffic ManagerF5 Big-ip Local Traffic Manager 11.2.1F5 Big-ip Local Traffic Manager 13.0.0F5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 13.0.0F5 Big-ip Application Acceleration Manager 11.2.1F5 Big-ip Advanced Firewall Manager 11.2.1F5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Firewall Manager 13.0.0F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager 11.2.1F5 Big-ip Access Policy Manager 13.0.0F5 Big-ip Application Security ManagerF5 Big-ip Application Security Manager 11.2.1F5 Big-ip Application Security Manager 13.0.0F5 Big-ip Edge Gateway 11.2.1F5 Big-ip Edge GatewayF5 Big-ip Edge Gateway 13.0.0F5 Big-ip Link Controller 13.0.0F5 Big-ip Link ControllerF5 Big-ip Link Controller 11.2.1F5 Big-ip Policy Enforcement Manager
392
VMScore
CVE-2013-6024
The Edge Client components in F5 BIG-IP APM 10.x, 11.x, 12.x, 13.x, and 14.x, BIG-IP Edge Gateway 10.x and 11.x, and FirePass 7.0.0 allow malicious users to obtain sensitive information from process memory via unspecified vectors.
F5 Big-ip Edge Gateway 10.1.0F5 Big-ip Edge Gateway 10.2.4F5 Big-ip Access Policy Manager 11.0.0F5 Firepass 6.0.0F5 Firepass 6.1.0F5 Big-ip Access Policy Manager 11.2.0F5 Big-ip Access Policy Manager 11.2.1F5 Big-ip Access Policy Manager 10.2.4F5 Big-ip Access Policy Manager 11.1.0F5 Big-ip Access Policy Manager 11.3.0F5 Big-ip Access Policy Manager 10.1.0F5 Big-ip Edge Gateway 11.0.0F5 Big-ip Edge Gateway 11.5.0F5 Firepass 7.0.0
534
VMScore
CVE-2017-6156
When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured with a wildcard IPSec tunnel endpoint, it may allow a remote malicious user to disrupt or impersonate the tunnels that have completed phase 1 IPSec negotiations. The attacker must posse...
F5 Big-ip Local Traffic Manager 11.6.1F5 Big-ip Local Traffic Manager 11.2.1F5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration Manager 11.2.1F5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 11.6.1F5 Big-ip Advanced Firewall Manager 11.2.1F5 Big-ip Advanced Firewall Manager 11.6.1F5 Big-ip Advanced Firewall ManagerF5 Big-ip Analytics 11.6.1F5 Big-ip Analytics 11.2.1F5 Big-ip AnalyticsF5 Big-ip Access Policy Manager 11.2.1F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager 11.6.1F5 Big-ip Application Security ManagerF5 Big-ip Application Security Manager 11.2.1F5 Big-ip Application Security Manager 11.6.1F5 Big-ip Edge GatewayF5 Big-ip Edge Gateway 11.2.1F5 Big-ip Edge Gateway 11.6.1F5 Big-ip Global Traffic Manager 11.2.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook