Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip access policy manager 16.1.1 vulnerabilities and exploits
(subscribe to this query)
7.7
CVSSv3
CVE-2022-31473
In BIG-IP Versions 16.1.x prior to 16.1.1 and 15.1.x prior to 15.1.4, when running in Appliance mode, an authenticated attacker may be able to bypass Appliance mode restrictions due to a directory traversal vulnerability in an undisclosed page within iApps. A successful exploit c...
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 16.1.0
7.5
CVSSv3
CVE-2022-26890
On F5 BIG-IP Advanced WAF, ASM, and APM 16.1.x versions before 16.1.2.1, 15.1.x versions before 15.1.5, 14.1.x versions before 14.1.4.6, and 13.1.x versions before 13.1.5, when ASM or Advanced WAF, as well as APM, are configured on a virtual server, the ASM policy is configured w...
F5 Big-ip Access Policy Manager 13.1.0
F5 Big-ip Application Security Manager 13.1.0
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Application Security Manager 14.1.0
F5 Big-ip Application Security Manager 15.1.0
F5 Big-ip Access Policy Manager 15.1.0
F5 Big-ip Advanced Web Application Firewall 15.1.0
F5 Big-ip Access Policy Manager 14.1.4
F5 Big-ip Advanced Web Application Firewall 14.1.4
F5 Big-ip Application Security Manager 14.1.4
F5 Big-ip Access Policy Manager 13.1.1
F5 Big-ip Access Policy Manager 13.1.3
F5 Big-ip Access Policy Manager 13.1.4
F5 Big-ip Access Policy Manager 13.1.5
F5 Big-ip Access Policy Manager 14.1.2
F5 Big-ip Access Policy Manager 14.1.3
F5 Big-ip Access Policy Manager 15.1.1
F5 Big-ip Access Policy Manager 15.1.2
F5 Big-ip Access Policy Manager 15.1.3
F5 Big-ip Access Policy Manager 15.1.4
F5 Big-ip Access Policy Manager 15.1.5
F5 Big-ip Access Policy Manager 16.1.0
7.5
CVSSv3
CVE-2022-28701
On F5 BIG-IP 16.1.x versions before 16.1.2.2, when the stream profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
F5 Big-ip Application Acceleration Manager 16.1.0
F5 Big-ip Access Policy Manager 16.1.0
F5 Big-ip Advanced Firewall Manager 16.1.0
F5 Big-ip Application Security Manager 16.1.0
F5 Big-ip Domain Name System 16.1.0
F5 Big-ip Fraud Protection Service 16.1.0
F5 Big-ip Global Traffic Manager 16.1.0
F5 Big-ip Link Controller 16.1.0
F5 Big-ip Local Traffic Manager 16.1.0
F5 Big-ip Policy Enforcement Manager 16.1.0
F5 Big-ip Access Policy Manager 16.1.1
F5 Big-ip Access Policy Manager 16.1.2
F5 Big-ip Advanced Firewall Manager 16.1.1
F5 Big-ip Advanced Firewall Manager 16.1.2
F5 Big-ip Analytics 16.1.0
F5 Big-ip Analytics 16.1.1
F5 Big-ip Analytics 16.1.2
F5 Big-ip Application Acceleration Manager 16.1.1
F5 Big-ip Application Acceleration Manager 16.1.2
F5 Big-ip Application Security Manager 16.1.1
F5 Big-ip Application Security Manager 16.1.2
F5 Big-ip Fraud Protection Service 16.1.2
4.3
CVSSv3
CVE-2022-29474
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, a directory traversal vulnerability exists in iControl SOAP that allows an authenticated attacker ...
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Global Traffic Manager 11.6.1
F5 Big-ip Domain Name System 12.1.2
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Policy Enforcement Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.2
F5 Big-ip Application Security Manager 12.1.1
F5 Big-ip Advanced Firewall Manager 12.1.1
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Analytics 12.1.2
F5 Big-ip Analytics 12.1.0
F5 Big-ip Analytics 11.6.1
F5 Big-ip Application Security Manager 12.1.0
F5 Big-ip Application Security Manager 11.6.1
F5 Big-ip Application Acceleration Manager 12.1.2
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Application Acceleration Manager 12.1.0
7.8
CVSSv3
CVE-2022-29263
On F5 BIG-IP APM 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions before 7.2.1.5, the BIG-IP Edge Client Component...
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 11.6.1
F5 Big-ip Access Policy Manager 13.1.0
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Access Policy Manager 15.1.0
F5 Big-ip Access Policy Manager 14.1.4
F5 Big-ip Access Policy Manager 16.1.0
F5 Big-ip Access Policy Manager 17.0.0
F5 Big-ip Access Policy Manager 11.6.3
F5 Big-ip Access Policy Manager 11.6.4
F5 Big-ip Access Policy Manager 11.6.5
F5 Big-ip Access Policy Manager 12.1.3
F5 Big-ip Access Policy Manager 12.1.4
F5 Big-ip Access Policy Manager 12.1.5
F5 Big-ip Access Policy Manager 12.1.6
F5 Big-ip Access Policy Manager 13.1.1
F5 Big-ip Access Policy Manager 13.1.3
F5 Big-ip Access Policy Manager 13.1.4
F5 Big-ip Access Policy Manager 13.1.5
F5 Big-ip Access Policy Manager 14.1.2
4.3
CVSSv3
CVE-2022-1389
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP (fixed in 17.0.0), a cross-site request forgery (CSRF) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This vulnerability allows an malicious user to run a limited ...
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Global Traffic Manager 11.6.1
F5 Big-ip Domain Name System 12.1.2
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Policy Enforcement Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.2
F5 Big-ip Application Security Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Advanced Firewall Manager 12.1.1
F5 Big-ip Analytics 11.6.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Analytics 12.1.2
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Application Acceleration Manager 12.1.2
F5 Big-ip Application Security Manager 11.6.1
4.3
CVSSv3
CVE-2022-1468
On all versions of 17.0.x, 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x on F5 BIG-IP, an authenticated iControl REST user with at least guest role privileges can cause processing delays to iControl REST requests via undisclosed requests. Note: Software versions which have r...
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Global Traffic Manager 11.6.1
F5 Big-ip Domain Name System 12.1.2
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Policy Enforcement Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.2
F5 Big-ip Application Security Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Advanced Firewall Manager 12.1.1
F5 Big-ip Analytics 11.6.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Analytics 12.1.2
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Application Acceleration Manager 12.1.2
F5 Big-ip Application Security Manager 11.6.1
4.3
CVSSv3
CVE-2022-27659
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, and 14.1.x versions before 14.1.4.6, an authenticated attacker can modify or delete Dashboards created by other BIG-IP users in the Traffic Management User Interface (TMUI). Note: Software versions whi...
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Advanced Firewall Manager 14.1.0
F5 Big-ip Application Acceleration Manager 14.1.0
F5 Big-ip Link Controller 14.1.0
F5 Big-ip Policy Enforcement Manager 14.1.0
F5 Big-ip Local Traffic Manager 14.1.0
F5 Big-ip Analytics 14.1.0
F5 Big-ip Application Security Manager 14.1.0
F5 Big-ip Domain Name System 14.1.0
F5 Big-ip Global Traffic Manager 14.1.0
F5 Big-ip Access Policy Manager 14.1.4
F5 Big-ip Access Policy Manager 15.1.0
F5 Big-ip Advanced Firewall Manager 14.1.4
F5 Big-ip Advanced Firewall Manager 15.1.0
F5 Big-ip Analytics 14.1.4
F5 Big-ip Analytics 15.1.0
F5 Big-ip Application Acceleration Manager 14.1.4
F5 Big-ip Application Acceleration Manager 15.1.0
F5 Big-ip Application Security Manager 14.1.4
F5 Big-ip Application Security Manager 15.1.0
F5 Big-ip Domain Name System 14.1.4
F5 Big-ip Domain Name System 15.1.0
6.8
CVSSv3
CVE-2022-27878
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP, and F5 BIG-IP Guided Configuration (GC) all versions before 9.0, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an ...
F5 Big-ip Local Traffic Manager 13.1.0
F5 Big-ip Application Acceleration Manager 13.1.0
F5 Big-ip Advanced Firewall Manager 13.1.0
F5 Big-ip Analytics 13.1.0
F5 Big-ip Access Policy Manager 13.1.0
F5 Big-ip Application Security Manager 13.1.0
F5 Big-ip Global Traffic Manager 13.1.0
F5 Big-ip Link Controller 13.1.0
F5 Big-ip Policy Enforcement Manager 13.1.0
F5 Big-ip Domain Name System 13.1.0
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Advanced Firewall Manager 14.1.0
F5 Big-ip Advanced Firewall Manager 15.1.0
F5 Big-ip Analytics 14.1.0
F5 Big-ip Application Acceleration Manager 14.1.0
F5 Big-ip Application Acceleration Manager 15.1.0
F5 Big-ip Application Security Manager 14.1.0
F5 Big-ip Domain Name System 14.1.0
F5 Big-ip Domain Name System 15.1.0
F5 Big-ip Fraud Protection Service 13.1.0
F5 Big-ip Fraud Protection Service 14.1.0
F5 Big-ip Fraud Protection Service 15.1.0
7.5
CVSSv3
CVE-2022-28691
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5, 14.1.x versions before 14.1.4.6, and 13.1.x versions before 13.1.5, when a Real Time Streaming Protocol (RTSP) profile is configured on a virtual server, undisclosed traffic can cause an increase in Traf...
F5 Big-ip Local Traffic Manager 13.1.0
F5 Big-ip Application Acceleration Manager 13.1.0
F5 Big-ip Advanced Firewall Manager 13.1.0
F5 Big-ip Analytics 13.1.0
F5 Big-ip Access Policy Manager 13.1.0
F5 Big-ip Application Security Manager 13.1.0
F5 Big-ip Global Traffic Manager 13.1.0
F5 Big-ip Link Controller 13.1.0
F5 Big-ip Policy Enforcement Manager 13.1.0
F5 Big-ip Domain Name System 13.1.0
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Advanced Firewall Manager 14.1.0
F5 Big-ip Advanced Firewall Manager 15.1.0
F5 Big-ip Analytics 14.1.0
F5 Big-ip Application Acceleration Manager 14.1.0
F5 Big-ip Application Acceleration Manager 15.1.0
F5 Big-ip Application Security Manager 14.1.0
F5 Big-ip Domain Name System 14.1.0
F5 Big-ip Domain Name System 15.1.0
F5 Big-ip Fraud Protection Service 13.1.0
F5 Big-ip Fraud Protection Service 14.1.0
F5 Big-ip Fraud Protection Service 15.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »