Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip analytics 11.2.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2013-7408
F5 BIG-IP Analytics 11.x prior to 11.4.0 uses a predictable session cookie, which makes it easier for remote malicious users to have unspecified impact by guessing the value.
F5 Big-ip Analytics 11.0.0
F5 Big-ip Analytics 11.2.0
F5 Big-ip Analytics 11.2.1
F5 Big-ip Analytics 11.3.0
F5 Big-ip Analytics 11.1.0
6.4
CVSSv2
CVE-2017-6158
In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM related to handling of invalid IP addresses.
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Analytics
F5 Big-ip Analytics 11.2.1
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Application Security Manager
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 11.2.1
F5 Big-ip Link Controller
F5 Big-ip Link Controller 11.2.1
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Policy Enforcement Manager 11.2.1
F5 Big-ip Webaccelerator 11.2.1
F5 Big-ip Webaccelerator
4.3
CVSSv2
CVE-2018-5521
On F5 BIG-IP 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, carefully crafted URLs can be used to reflect arbitrary content into GeoIP lookup responses, potentially exposing clients to XSS.
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics 11.2.1
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Domain Name System
F5 Big-ip Domain Name System 11.2.1
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Edge Gateway
F5 Big-ip Global Traffic Manager 11.2.1
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Link Controller 11.2.1
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Policy Enforcement Manager 11.2.1
4.3
CVSSv2
CVE-2018-5501
In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, any 11.6.x or 11.5.x release, or 11.2.1, TCP DNS profile allows excessive buffering due to lack of flow control.
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Analytics 13.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 11.2.1
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 13.0.0
F5 Big-ip Dns
F5 Big-ip Dns 13.0.0
F5 Big-ip Dns 11.2.1
F5 Big-ip Link Controller 11.2.1
6
CVSSv2
CVE-2017-6156
When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured with a wildcard IPSec tunnel endpoint, it may allow a remote malicious user to disrupt or impersonate the tunnels that have completed phase 1 IPSec negotiations. The attacker must posse...
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics 11.6.1
F5 Big-ip Analytics 11.2.1
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 11.6.1
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Application Security Manager 11.6.1
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Edge Gateway 11.6.1
F5 Big-ip Global Traffic Manager 11.2.1
4.3
CVSSv2
CVE-2018-5522
On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, when processing DIAMETER transactions with carefully crafted attribute-value pairs, TMM may crash.
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Analytics 11.2.1
F5 Big-ip Analytics
F5 Big-ip Analytics 13.0.0
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Application Security Manager 13.0.0
F5 Big-ip Domain Name System 11.2.1
F5 Big-ip Domain Name System
F5 Big-ip Domain Name System 13.0.0
F5 Big-ip Edge Gateway 13.0.0
4.3
CVSSv2
CVE-2014-3959
Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 up to and including 11.5.1, AAM 11.4.0 up to and including 11.5.1 PEM 11.3.0 up to and including 11.5.1, PSM 11.2.1 up to ...
F5 Big-ip Application Acceleration Manager 11.5.1
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Advanced Firewall Manager 11.5.1
F5 Big-ip Analytics 11.2.1
F5 Big-ip Analytics 11.5.1
F5 Big-ip Protocol Security Module 11.2.1
F5 Big-ip Protocol Security Module 11.4.1
F5 Big-ip Webaccelerator 11.2.1
F5 Big-ip Webaccelerator 11.3.0
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Application Acceleration Manager 11.4.0
F5 Big-ip Access Policy Manager 11.5.1
F5 Big-ip Application Security Manager 11.5.1
F5 Big-ip Link Controller 11.2.1
F5 Big-ip Policy Enforcement Manager 11.3.0
F5 Big-ip Wan Optimization Manager 11.3.0
F5 Enterprise Manager 3.1.1
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Edge Gateway 11.3.0
F5 Big-ip Global Traffic Manager 11.2.1
F5 Big-ip Global Traffic Manager 11.5.1
F5 Big-ip Local Traffic Manager 11.5.1
7.5
CVSSv2
CVE-2012-3000
Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x prior to 11.2.0-HF3 and 11.2.x prior to 11...
F5 Big-ip Webaccelerator 11.2.0
F5 Big-ip Webaccelerator 11.2.1
F5 Big-ip Webaccelerator 11.0.0
F5 Big-ip Webaccelerator 11.1.0
F5 Big-ip Global Traffic Manager 11.1.0
F5 Big-ip Global Traffic Manager 11.0.0
F5 Big-ip Global Traffic Manager 11.2.1
F5 Big-ip Global Traffic Manager 11.2.0
F5 Big-ip Local Traffic Manager 11.1.0
F5 Big-ip Local Traffic Manager 11.0.0
F5 Big-ip Local Traffic Manager 11.2.0
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Protocol Security Module 11.0.0
F5 Big-ip Protocol Security Module 11.1.0
F5 Big-ip Protocol Security Module 11.2.0
F5 Big-ip Protocol Security Module 11.2.1
F5 Big-ip Wan Optimization Manager 11.0.0
F5 Big-ip Wan Optimization Manager 11.2.0
F5 Big-ip Wan Optimization Manager 11.2.1
F5 Big-ip Wan Optimization Manager 11.1.0
F5 Big-ip Link Controller 11.2.1
F5 Big-ip Link Controller 11.1.0
6.5
CVSSv2
CVE-2018-5523
On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 and Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utilit...
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 13.1.0
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 13.1.0
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 13.1.0
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Analytics 11.2.1
F5 Big-ip Analytics 13.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 13.1.0
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 13.1.0
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Application Security Manager
5
CVSSv2
CVE-2017-6153
Features in F5 BIG-IP 13.0.0-13.1.0.3, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 system that utilizes inflate functionality directly, via an iRule, or via the inflate code from PEM module are subjected to a service disruption via a "Zip Bomb" attack.
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Application Acceleration Manager 13.1.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 13.1.0
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Advanced Firewall Manager 13.1.0
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Analytics 13.1.0
F5 Big-ip Analytics 13.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 11.2.1
F5 Big-ip Access Policy Manager 13.1.0
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Application Security Manager 13.0.0
F5 Big-ip Application Security Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »