Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

f5 big-ip access policy manager 16.0.1.1 vulnerabilities and exploits

(subscribe to this query)
5.3
CVSSv3
CVE-2021-23007
On BIG-IP versions 14.1.4 and 16.0.1.1, when the Traffic Management Microkernel (TMM) process handles certain undisclosed traffic, it may start dropping all fragmented IP traffic. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
F5 Big-ip Access Policy Manager 14.1.4F5 Big-ip Access Policy Manager 16.0.1.1F5 Big-ip Advanced Firewall Manager 14.1.4F5 Big-ip Advanced Firewall Manager 16.0.1.1F5 Big-ip Advanced Web Application Firewall 14.1.4F5 Big-ip Advanced Web Application Firewall 16.0.1.1F5 Big-ip Analytics 14.1.4F5 Big-ip Analytics 16.0.1.1F5 Big-ip Application Acceleration Manager 14.1.4F5 Big-ip Application Acceleration Manager 16.0.1.1F5 Big-ip Application Security Manager 14.1.4F5 Big-ip Application Security Manager 16.0.1.1F5 Big-ip Ddos Hybrid Defender 14.1.4F5 Big-ip Ddos Hybrid Defender 16.0.1.1F5 Big-ip Domain Name System 14.1.4F5 Big-ip Domain Name System 16.0.1.1F5 Big-ip Edge Gateway 14.1.4F5 Big-ip Edge Gateway 16.0.1.1F5 Big-ip Fraud Protection Service 14.1.4F5 Big-ip Fraud Protection Service 16.0.1.1F5 Big-ip Global Traffic Manager 14.1.4F5 Big-ip Global Traffic Manager 16.0.1.1
4.5
CVSSv3
CVE-2021-23002
When using BIG-IP APM 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, or all 12.1.x and 11.6.x versions or Edge Client versions 7.2.1.x prior to 7.2.1.1, 7.1.9.x prior to 7.1.9.8, or 7.1.8.x prior to 7.1.8.5, the session ID is...
F5 Access Policy Manager ClientsF5 Big-ip Access Policy Manager
7.5
CVSSv3
CVE-2021-22973
On BIG-IP version 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2, 14.1.x prior to 14.1.3.1, 13.1.x prior to 13.1.3.5, and all 12.1.x versions, JSON parser function does not protect against out-of-bounds memory accesses or writes. Note: Software versions which have reached End o...
F5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip AnalyticsF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Security ManagerF5 Big-ip Domain Name SystemF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Policy Enforcement Manager
7.5
CVSSv3
CVE-2022-34655
In BIG-IP Versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.6.1, and 14.1.x prior to 14.1.5, when an iRule containing the HTTP::payload command is configured on a virtual server, undisclosed traffic can cause Traffic Management Microkernel (TMM) to terminate. Note: Software...
F5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip AnalyticsF5 Big-ip Application Security ManagerF5 Big-ip Domain Name SystemF5 Big-ip Global Traffic ManagerF5 Big-ip Fraud Protection ServiceF5 Big-ip Link ControllerF5 Big-ip Local Traffic ManagerF5 Big-ip Policy Enforcement Manager
5.3
CVSSv3
CVE-2021-22998
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, 12.1.x prior to 12.1.5.3, and 11.6.x prior to 11.6.5.3, SYN flood protection thresholds are not enforced in secure network address translation (SNAT) listeners...
F5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Web Application FirewallF5 Big-ip AnalyticsF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Security ManagerF5 Big-ip Ddos Hybrid DefenderF5 Big-ip Domain Name SystemF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Local Traffic ManagerF5 Big-ip Policy Enforcement ManagerF5 Ssl Orchestrator
8.8
CVSSv3
CVE-2021-22988
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, 12.1.x prior to 12.1.5.3, and 11.6.x prior to 11.6.5.3, TMUI, also referred to as the Configuration utility, has an authenticated remote command execution vuln...
F5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Web Application FirewallF5 Big-ip AnalyticsF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Security ManagerF5 Big-ip Ddos Hybrid DefenderF5 Big-ip Domain Name SystemF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Local Traffic ManagerF5 Big-ip Policy Enforcement ManagerF5 Ssl Orchestrator
7.5
CVSSv3
CVE-2021-23004
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2, 14.1.x prior to 14.1.3.1, 13.1.x prior to 13.1.3.6, 12.1.x prior to 12.1.5.3, and 11.6.x prior to 11.6.5.3, Multipath TCP (MPTCP) forwarding flows may be created on standard virtual servers without MPTCP enabled...
F5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Web Application FirewallF5 Big-ip AnalyticsF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Security ManagerF5 Big-ip Ddos Hybrid DefenderF5 Big-ip Domain Name SystemF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Local Traffic ManagerF5 Big-ip Policy Enforcement ManagerF5 Ssl Orchestrator
7.5
CVSSv3
CVE-2021-23003
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2, 14.1.x prior to 14.1.3.1, 13.1.x prior to 13.1.3.6, 12.1.x prior to 12.1.5.3, and 11.6.x prior to 11.6.5.3, the Traffic Management Microkernel (TMM) process may produce a core file when undisclosed MPTCP traffic...
F5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Web Application FirewallF5 Big-ip AnalyticsF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Security ManagerF5 Big-ip Ddos Hybrid DefenderF5 Big-ip Domain Name SystemF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Local Traffic ManagerF5 Big-ip Policy Enforcement ManagerF5 Ssl Orchestrator
9.9
CVSSv3
CVE-2021-22987
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, 12.1.x prior to 12.1.5.3, and 11.6.x prior to 11.6.5.3 when running in Appliance mode, the Traffic Management User Interface (TMUI), also referred to as the Co...
F5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Web Application FirewallF5 Big-ip AnalyticsF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Security ManagerF5 Big-ip Ddos Hybrid DefenderF5 Big-ip Domain Name SystemF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Local Traffic ManagerF5 Big-ip Policy Enforcement ManagerF5 Ssl Orchestrator
9.1
CVSSv3
CVE-2021-22989
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, 12.1.x prior to 12.1.5.3, and 11.6.x prior to 11.6.5.3, when running in Appliance mode with Advanced WAF or BIG-IP ASM provisioned, the TMUI, also referred to ...
F5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Web Application FirewallF5 Big-ip AnalyticsF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Security ManagerF5 Big-ip Ddos Hybrid DefenderF5 Big-ip Domain Name SystemF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Local Traffic ManagerF5 Big-ip Policy Enforcement ManagerF5 Ssl Orchestrator
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991CVE-2024-32674path traversalCVE-2023-21987denial of servicedosCVE-2024-4647CVE-2024-25519CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook