f5 big-ip application security manager 10.2.3 vulnerabilities and exploits

(subscribe to this query)

5

CVSSv2

The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 up to and including 10.2.4, 11.2.1, 11.4.x, 11.5.x prior to 11.5.4 HF2, 11.6.x prior to 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x prior to 11.5.4 HF2, 11.6.x prior...

4

CVSSv2

Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x prior to 10.2.4 HF12, 11.x prior to 11.2.1 HF15, 11.3.x, 11.4.x prior to 11.4.1 HF9, 11.5.x prior to 11.5.2 HF1, and 11.6.0 before HF4, and Enterprise Manager 2.1.0 up to and including 2.3.0 and 3.x prior to 3.1.1 HF5 a...

F5 Big-ip Local Traffic Manager 11.3.0 F5 Big-ip Local Traffic Manager 11.4.0 F5 Big-ip Local Traffic Manager 11.4.1 F5 Big-ip Local Traffic Manager 11.5.0 F5 Big-ip Local Traffic Manager 10.2.0 F5 Big-ip Local Traffic Manager 10.2.1 F5 Big-ip Local Traffic Manager 10.2.2 F5 Big-ip Local Traffic Manager 10.2.3 F5 Big-ip Local Traffic Manager 10.0.0 F5 Big-ip Local Traffic Manager 10.1.0 F5 Big-ip Local Traffic Manager 10.2.4 F5 Big-ip Local Traffic Manager 11.1.0 F5 Big-ip Local Traffic Manager 11.2.1 F5 Big-ip Local Traffic Manager 11.5.1 F5 Big-ip Local Traffic Manager 11.6.0 F5 Big-ip Local Traffic Manager 10.0.1 F5 Big-ip Local Traffic Manager 11.0.0 F5 Big-ip Local Traffic Manager 11.2.0 F5 Big-ip Local Traffic Manager 11.5.2 F5 Big-ip Application Acceleration Manager 11.4.0 F5 Big-ip Application Acceleration Manager 11.4.1 F5 Big-ip Application Acceleration Manager 11.5.0

4.3

CVSSv2

The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 up to and including 10.2.4 and 11.0.0 up to and including 11.5.1, AAM 11.4.0 up to and including 11.5.1, AFM 11.3.0 up to and including 11.5.1, Analytics 11.0.0 up to and including 11.5.1, Edge Gateway, WebAccelerat...

1 Github repository1 Article

5.5

CVSSv2

Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, ASM, GTM, and Link Controller 11.0 up to and including 11.6.0 and 10.0.0 up to and including 10.2.4, AAM 11.4.0 up to and including 11.6.0, ARM 11.3.0 up to and including 11.6.0, Ana...

F5 Big-ip Protocol Security Module 10.2.3 F5 Big-ip Protocol Security Module 11.0.0 F5 Big-ip Protocol Security Module 10.2.0 F5 Big-ip Protocol Security Module 10.2.1 F5 Big-ip Protocol Security Module 11.2.1 F5 Big-ip Protocol Security Module 11.3.0 F5 Big-ip Protocol Security Module 11.4.0 F5 Big-ip Protocol Security Module 10.0.0 F5 Big-ip Protocol Security Module 10.1.0 F5 Big-ip Protocol Security Module 11.1.0 F5 Big-ip Protocol Security Module 11.2.0 F5 Big-ip Protocol Security Module 10.2.2 F5 Big-ip Protocol Security Module 10.2.4 F5 Big-ip Protocol Security Module 11.4.1 F5 Big-ip Global Traffic Manager 10.0.0 F5 Big-ip Global Traffic Manager 10.1.0 F5 Big-ip Global Traffic Manager 11.1.0 F5 Big-ip Global Traffic Manager 11.2.0 F5 Big-ip Global Traffic Manager 11.6.0 F5 Big-ip Global Traffic Manager 10.2.2 F5 Big-ip Global Traffic Manager 10.2.3 F5 Big-ip Global Traffic Manager 11.4.1

9

CVSSv2

F5 BIG-IP prior to 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script.

F5 Big-ip Wan Optimization Manager 11.2.1 F5 Big-ip Wan Optimization Manager 10.2.4 F5 Big-ip Wan Optimization Manager 10.2.2 F5 Big-ip Wan Optimization Manager 10.2.3 F5 Big-ip Wan Optimization Manager 10.2.1 F5 Big-ip Protocol Security Module 11.4.1 F5 Big-ip Protocol Security Module 11.4.0 F5 Big-ip Protocol Security Module 10.2.4 F5 Big-ip Protocol Security Module 10.2.3 F5 Big-ip Protocol Security Module 10.2.2 F5 Big-ip Protocol Security Module 10.2.1 F5 Big-ip Application Acceleration Manager 11.4.1 F5 Big-ip Application Acceleration Manager 11.4.0 F5 Big-ip Application Acceleration Manager 12.1.0 F5 Big-ip Application Acceleration Manager 11.6.1 F5 Big-ip Application Acceleration Manager 11.6.0 F5 Big-ip Application Acceleration Manager 11.5.4 F5 Big-ip Application Acceleration Manager 11.5.2 F5 Big-ip Application Acceleration Manager 11.5.0 F5 Big-ip Application Acceleration Manager 12.0.0 F5 Big-ip Application Acceleration Manager 11.5.3 F5 Big-ip Application Acceleration Manager 11.5.1

4.3

CVSSv2

Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 prior to 11.6.0 and 10.1.0 up to and including 10.2.4, AAM 11.4.0 prior to 11.6.0, AFM and PEM 11.3.0 prior to 11.6.0, Anal...

F5 Big-ip Advanced Firewall Manager 11.5.1 F5 Big-ip Advanced Firewall Manager 11.5.0 F5 Big-ip Advanced Firewall Manager 11.4.1 F5 Big-ip Advanced Firewall Manager 11.3.0 F5 Big-ip Advanced Firewall Manager 11.4.0 F5 Big-ip Policy Enforcement Manager 11.4.0 F5 Big-ip Policy Enforcement Manager 11.5.0 F5 Big-ip Policy Enforcement Manager 11.5.1 F5 Big-ip Policy Enforcement Manager 11.3.0 F5 Big-ip Policy Enforcement Manager 11.4.1 F5 Big-ip Application Security Manager 10.2.1 F5 Big-ip Application Security Manager 10.2.3 F5 Big-ip Application Security Manager 11.4.0 F5 Big-ip Application Security Manager 11.5.0 F5 Big-ip Application Security Manager 10.1.0 F5 Big-ip Application Security Manager 11.5.1 F5 Big-ip Application Security Manager 11.0.0 F5 Big-ip Application Security Manager 11.1.0 F5 Big-ip Application Security Manager 11.2.0 F5 Big-ip Application Security Manager 11.2.1 F5 Big-ip Application Security Manager 10.2.0 F5 Big-ip Application Security Manager 10.2.2

5

CVSSv2

The Traffic Management Microkernel (TMM) in F5 BIG-IP prior to 11.5.4 HF3, 11.6.x prior to 11.6.1 HF2 and 12.x prior to 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote malicious users to cause a denial-of-service (DoS) through unspecified ve...

F5 Big-ip Local Traffic Manager 11.4.1 F5 Big-ip Local Traffic Manager 11.5.0 F5 Big-ip Local Traffic Manager 12.0.0 F5 Big-ip Local Traffic Manager 12.1.0 F5 Big-ip Local Traffic Manager 10.2.3 F5 Big-ip Local Traffic Manager 10.2.4 F5 Big-ip Local Traffic Manager 10.2.1 F5 Big-ip Local Traffic Manager 10.2.2 F5 Big-ip Local Traffic Manager 11.5.1 F5 Big-ip Local Traffic Manager 11.5.2 F5 Big-ip Local Traffic Manager 12.1.1 F5 Big-ip Local Traffic Manager 11.5.3 F5 Big-ip Local Traffic Manager 11.5.4 F5 Big-ip Local Traffic Manager 11.2.1 F5 Big-ip Local Traffic Manager 11.4.0 F5 Big-ip Local Traffic Manager 11.6.0 F5 Big-ip Local Traffic Manager 11.6.1 F5 Big-ip Application Acceleration Manager 11.4.0 F5 Big-ip Application Acceleration Manager 11.6.0 F5 Big-ip Application Acceleration Manager 11.6.1 F5 Big-ip Application Acceleration Manager 12.0.0 F5 Big-ip Application Acceleration Manager 11.5.1

7.8

CVSSv2

Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x prior to 10.2.4 HF13, 11.x prior to 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x prior to 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x prior to 11.5.3 HF2 and 11.6.0 before ...

F5 Big-iq Application Delivery Controller 4.5.0 F5 Big-ip Local Traffic Manager 10.2.1 F5 Big-ip Local Traffic Manager 10.1.0 F5 Big-ip Local Traffic Manager 11.5.2 F5 Big-ip Local Traffic Manager 11.5.0 F5 Big-ip Local Traffic Manager 11.0.0 F5 Big-ip Local Traffic Manager 10.2.4 F5 Big-ip Local Traffic Manager 10.2.3 F5 Big-ip Local Traffic Manager 11.4.0 F5 Big-ip Local Traffic Manager 11.3.0 F5 Big-ip Local Traffic Manager 11.2.1 F5 Big-ip Local Traffic Manager 11.2.0 F5 Big-ip Local Traffic Manager 11.1.0 F5 Big-ip Local Traffic Manager 10.0.1 F5 Big-ip Local Traffic Manager 10.0.0 F5 Big-ip Local Traffic Manager 11.6.0 F5 Big-ip Local Traffic Manager 11.5.3 F5 Big-ip Local Traffic Manager 10.2.2 F5 Big-ip Local Traffic Manager 10.2.0 F5 Big-ip Local Traffic Manager 11.5.1 F5 Big-ip Local Traffic Manager 11.4.1 F5 Big-ip Access Policy Manager 10.1.0

9.3

CVSSv2

The rsync daemon in F5 BIG-IP 11.6 prior to 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x prior to 3.1.1 HF2, when configured in failover mode, does not require authenticati...

1 EDB exploit

7.8

CVSSv2

The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, and WOM 10.0.0 up to and including 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0 up to and including 9.4.8, 10.0.0 up to and including 10.2.4, and 11.0.0 up to and including ...

Get Started

1 2 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook