Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip application security manager 11.2.1 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-5539
Under certain conditions, on F5 BIG-IP ASM 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, 11.5.1-11.5.6, or 11.2.1, when processing CSRF protections, the BIG-IP ASM bd process may restart and produce a core file.
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 11.2.1
5
CVSSv2
CVE-2017-6155
On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or 11.2.1, malformed SPDY or HTTP/2 requests may result in a disruption of service to TMM. Data plane is only exposed when a SPDY or HTTP/2 profile is attached to a virtual server. There is no control plane expos...
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Application Security Manager 13.0.0
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 13.0.0
F5 Big-ip Link Controller 13.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 11.2.1
F5 Big-ip Policy Enforcement Manager
6.4
CVSSv2
CVE-2017-6158
In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM related to handling of invalid IP addresses.
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Analytics
F5 Big-ip Analytics 11.2.1
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Application Security Manager
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 11.2.1
F5 Big-ip Link Controller
F5 Big-ip Link Controller 11.2.1
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Policy Enforcement Manager 11.2.1
F5 Big-ip Webaccelerator 11.2.1
F5 Big-ip Webaccelerator
4.3
CVSSv2
CVE-2018-5521
On F5 BIG-IP 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, carefully crafted URLs can be used to reflect arbitrary content into GeoIP lookup responses, potentially exposing clients to XSS.
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics 11.2.1
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Domain Name System
F5 Big-ip Domain Name System 11.2.1
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Edge Gateway
F5 Big-ip Global Traffic Manager 11.2.1
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Link Controller 11.2.1
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Policy Enforcement Manager 11.2.1
4.3
CVSSv2
CVE-2014-3959
Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 up to and including 11.5.1, AAM 11.4.0 up to and including 11.5.1 PEM 11.3.0 up to and including 11.5.1, PSM 11.2.1 up to ...
F5 Big-ip Application Acceleration Manager 11.5.1
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Advanced Firewall Manager 11.5.1
F5 Big-ip Analytics 11.2.1
F5 Big-ip Analytics 11.5.1
F5 Big-ip Protocol Security Module 11.2.1
F5 Big-ip Protocol Security Module 11.4.1
F5 Big-ip Webaccelerator 11.2.1
F5 Big-ip Webaccelerator 11.3.0
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Application Acceleration Manager 11.4.0
F5 Big-ip Access Policy Manager 11.5.1
F5 Big-ip Application Security Manager 11.5.1
F5 Big-ip Link Controller 11.2.1
F5 Big-ip Policy Enforcement Manager 11.3.0
F5 Big-ip Wan Optimization Manager 11.3.0
F5 Enterprise Manager 3.1.1
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Edge Gateway 11.3.0
F5 Big-ip Global Traffic Manager 11.2.1
F5 Big-ip Global Traffic Manager 11.5.1
F5 Big-ip Local Traffic Manager 11.5.1
4.3
CVSSv2
CVE-2018-5501
In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, any 11.6.x or 11.5.x release, or 11.2.1, TCP DNS profile allows excessive buffering due to lack of flow control.
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Analytics 13.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 11.2.1
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 13.0.0
F5 Big-ip Dns
F5 Big-ip Dns 13.0.0
F5 Big-ip Dns 11.2.1
F5 Big-ip Link Controller 11.2.1
6
CVSSv2
CVE-2017-6156
When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured with a wildcard IPSec tunnel endpoint, it may allow a remote malicious user to disrupt or impersonate the tunnels that have completed phase 1 IPSec negotiations. The attacker must posse...
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics 11.6.1
F5 Big-ip Analytics 11.2.1
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 11.6.1
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Application Security Manager 11.6.1
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Edge Gateway 11.6.1
F5 Big-ip Global Traffic Manager 11.2.1
4.3
CVSSv2
CVE-2018-5522
On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, when processing DIAMETER transactions with carefully crafted attribute-value pairs, TMM may crash.
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Analytics 11.2.1
F5 Big-ip Analytics
F5 Big-ip Analytics 13.0.0
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Application Security Manager 13.0.0
F5 Big-ip Domain Name System 11.2.1
F5 Big-ip Domain Name System
F5 Big-ip Domain Name System 13.0.0
F5 Big-ip Edge Gateway 13.0.0
5
CVSSv2
CVE-2016-5023
Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 up to and including 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote malicious users to cause a denial of service (Traffic Management Microke...
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Protocol Security Module 11.2.1
F5 Big-ip Protocol Security Module 11.4.1
F5 Big-ip Analytics 11.5.3
F5 Big-ip Analytics 11.4.1
F5 Big-ip Analytics 11.2.1
F5 Big-ip Analytics 12.0.0
F5 Big-ip Analytics 11.5.4
F5 Big-ip Analytics 11.6.0
F5 Big-ip Application Security Manager 12.0.0
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Application Security Manager 11.5.4
F5 Big-ip Application Security Manager 11.4.1
F5 Big-ip Application Security Manager 11.6.0
F5 Big-ip Application Security Manager 11.5.3
F5 Big-ip Advanced Firewall Manager 12.0.0
F5 Big-ip Advanced Firewall Manager 11.6.0
F5 Big-ip Advanced Firewall Manager 11.5.3
F5 Big-ip Advanced Firewall Manager 11.4.1
F5 Big-ip Advanced Firewall Manager 11.5.4
F5 Big-ip Domain Name System 12.0.0
F5 Big-ip Policy Enforcement Manager 12.0.0
7.5
CVSSv2
CVE-2012-3000
Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x prior to 11.2.0-HF3 and 11.2.x prior to 11...
F5 Big-ip Webaccelerator 11.2.0
F5 Big-ip Webaccelerator 11.2.1
F5 Big-ip Webaccelerator 11.0.0
F5 Big-ip Webaccelerator 11.1.0
F5 Big-ip Global Traffic Manager 11.1.0
F5 Big-ip Global Traffic Manager 11.0.0
F5 Big-ip Global Traffic Manager 11.2.1
F5 Big-ip Global Traffic Manager 11.2.0
F5 Big-ip Local Traffic Manager 11.1.0
F5 Big-ip Local Traffic Manager 11.0.0
F5 Big-ip Local Traffic Manager 11.2.0
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Protocol Security Module 11.0.0
F5 Big-ip Protocol Security Module 11.1.0
F5 Big-ip Protocol Security Module 11.2.0
F5 Big-ip Protocol Security Module 11.2.1
F5 Big-ip Wan Optimization Manager 11.0.0
F5 Big-ip Wan Optimization Manager 11.2.0
F5 Big-ip Wan Optimization Manager 11.2.1
F5 Big-ip Wan Optimization Manager 11.1.0
F5 Big-ip Link Controller 11.2.1
F5 Big-ip Link Controller 11.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »