Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

f5 big-ip application security manager 11.2.1 vulnerabilities and exploits

(subscribe to this query)
445
VMScore
CVE-2018-5539
Under certain conditions, on F5 BIG-IP ASM 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, 11.5.1-11.5.6, or 11.2.1, when processing CSRF protections, the BIG-IP ASM bd process may restart and produce a core file.
F5 Big-ip Application Security ManagerF5 Big-ip Application Security Manager 11.2.1
445
VMScore
CVE-2017-6155
On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or 11.2.1, malformed SPDY or HTTP/2 requests may result in a disruption of service to TMM. Data plane is only exposed when a SPDY or HTTP/2 profile is attached to a virtual server. There is no control plane expos...
F5 Big-ip Local Traffic ManagerF5 Big-ip Local Traffic Manager 11.2.1F5 Big-ip Local Traffic Manager 13.0.0F5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 13.0.0F5 Big-ip Application Acceleration Manager 11.2.1F5 Big-ip Advanced Firewall Manager 11.2.1F5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Firewall Manager 13.0.0F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager 11.2.1F5 Big-ip Access Policy Manager 13.0.0F5 Big-ip Application Security ManagerF5 Big-ip Application Security Manager 11.2.1F5 Big-ip Application Security Manager 13.0.0F5 Big-ip Edge Gateway 11.2.1F5 Big-ip Edge GatewayF5 Big-ip Edge Gateway 13.0.0F5 Big-ip Link Controller 13.0.0F5 Big-ip Link ControllerF5 Big-ip Link Controller 11.2.1F5 Big-ip Policy Enforcement Manager
383
VMScore
CVE-2018-5521
On F5 BIG-IP 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, carefully crafted URLs can be used to reflect arbitrary content into GeoIP lookup responses, potentially exposing clients to XSS.
F5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 11.2.1F5 Big-ip Local Traffic ManagerF5 Big-ip Local Traffic Manager 11.2.1F5 Big-ip Advanced Firewall Manager 11.2.1F5 Big-ip Advanced Firewall ManagerF5 Big-ip Analytics 11.2.1F5 Big-ip AnalyticsF5 Big-ip Access Policy Manager 11.2.1F5 Big-ip Access Policy ManagerF5 Big-ip Application Security ManagerF5 Big-ip Application Security Manager 11.2.1F5 Big-ip Domain Name SystemF5 Big-ip Domain Name System 11.2.1F5 Big-ip Edge Gateway 11.2.1F5 Big-ip Edge GatewayF5 Big-ip Global Traffic Manager 11.2.1F5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Link Controller 11.2.1F5 Big-ip Policy Enforcement ManagerF5 Big-ip Policy Enforcement Manager 11.2.1
570
VMScore
CVE-2017-6158
In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM related to handling of invalid IP addresses.
F5 Big-ip Local Traffic Manager 11.2.1F5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 11.2.1F5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Firewall Manager 11.2.1F5 Big-ip AnalyticsF5 Big-ip Analytics 11.2.1F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager 11.2.1F5 Big-ip Application Security Manager 11.2.1F5 Big-ip Application Security ManagerF5 Big-ip Edge GatewayF5 Big-ip Edge Gateway 11.2.1F5 Big-ip Global Traffic ManagerF5 Big-ip Global Traffic Manager 11.2.1F5 Big-ip Link ControllerF5 Big-ip Link Controller 11.2.1F5 Big-ip Policy Enforcement ManagerF5 Big-ip Policy Enforcement Manager 11.2.1F5 Big-ip Webaccelerator 11.2.1F5 Big-ip Webaccelerator
383
VMScore
CVE-2014-3959
Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 up to and including 11.5.1, AAM 11.4.0 up to and including 11.5.1 PEM 11.3.0 up to and including 11.5.1, PSM 11.2.1 up to ...
F5 Big-ip Application Acceleration Manager 11.5.1F5 Big-ip Advanced Firewall Manager 11.2.1F5 Big-ip Advanced Firewall Manager 11.5.1F5 Big-ip Analytics 11.2.1F5 Big-ip Analytics 11.5.1F5 Big-ip Protocol Security Module 11.2.1F5 Big-ip Protocol Security Module 11.4.1F5 Big-ip Webaccelerator 11.2.1F5 Big-ip Webaccelerator 11.3.0F5 Big-ip Local Traffic Manager 11.2.1F5 Big-ip Application Acceleration Manager 11.4.0F5 Big-ip Access Policy Manager 11.5.1F5 Big-ip Application Security Manager 11.5.1F5 Big-ip Link Controller 11.2.1F5 Big-ip Policy Enforcement Manager 11.3.0F5 Big-ip Wan Optimization Manager 11.3.0F5 Enterprise Manager 3.1.1F5 Big-ip Edge Gateway 11.2.1F5 Big-ip Edge Gateway 11.3.0F5 Big-ip Global Traffic Manager 11.2.1F5 Big-ip Global Traffic Manager 11.5.1F5 Big-ip Local Traffic Manager 11.5.1
383
VMScore
CVE-2018-5501
In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, any 11.6.x or 11.5.x release, or 11.2.1, TCP DNS profile allows excessive buffering due to lack of flow control.
F5 Big-ip Local Traffic ManagerF5 Big-ip Local Traffic Manager 11.2.1F5 Big-ip Local Traffic Manager 13.0.0F5 Big-ip Application Acceleration Manager 11.2.1F5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 13.0.0F5 Big-ip Advanced Firewall Manager 11.2.1F5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Firewall Manager 13.0.0F5 Big-ip Analytics 13.0.0F5 Big-ip AnalyticsF5 Big-ip Analytics 11.2.1F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager 11.2.1F5 Big-ip Access Policy Manager 13.0.0F5 Big-ip Application Security Manager 11.2.1F5 Big-ip Application Security ManagerF5 Big-ip Application Security Manager 13.0.0F5 Big-ip DnsF5 Big-ip Dns 13.0.0F5 Big-ip Dns 11.2.1F5 Big-ip Link Controller 11.2.1
534
VMScore
CVE-2017-6156
When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured with a wildcard IPSec tunnel endpoint, it may allow a remote malicious user to disrupt or impersonate the tunnels that have completed phase 1 IPSec negotiations. The attacker must posse...
F5 Big-ip Local Traffic Manager 11.6.1F5 Big-ip Local Traffic Manager 11.2.1F5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration Manager 11.2.1F5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 11.6.1F5 Big-ip Advanced Firewall Manager 11.2.1F5 Big-ip Advanced Firewall Manager 11.6.1F5 Big-ip Advanced Firewall ManagerF5 Big-ip Analytics 11.6.1F5 Big-ip Analytics 11.2.1F5 Big-ip AnalyticsF5 Big-ip Access Policy Manager 11.2.1F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager 11.6.1F5 Big-ip Application Security ManagerF5 Big-ip Application Security Manager 11.2.1F5 Big-ip Application Security Manager 11.6.1F5 Big-ip Edge GatewayF5 Big-ip Edge Gateway 11.2.1F5 Big-ip Edge Gateway 11.6.1F5 Big-ip Global Traffic Manager 11.2.1
383
VMScore
CVE-2018-5522
On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, when processing DIAMETER transactions with carefully crafted attribute-value pairs, TMM may crash.
F5 Big-ip Application Acceleration Manager 11.2.1F5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 13.0.0F5 Big-ip Local Traffic ManagerF5 Big-ip Local Traffic Manager 11.2.1F5 Big-ip Local Traffic Manager 13.0.0F5 Big-ip Advanced Firewall Manager 13.0.0F5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Firewall Manager 11.2.1F5 Big-ip Analytics 11.2.1F5 Big-ip AnalyticsF5 Big-ip Analytics 13.0.0F5 Big-ip Access Policy Manager 13.0.0F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager 11.2.1F5 Big-ip Application Security ManagerF5 Big-ip Application Security Manager 11.2.1F5 Big-ip Application Security Manager 13.0.0F5 Big-ip Domain Name System 11.2.1F5 Big-ip Domain Name SystemF5 Big-ip Domain Name System 13.0.0F5 Big-ip Edge Gateway 13.0.0
445
VMScore
CVE-2016-5023
Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 up to and including 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote malicious users to cause a denial of service (Traffic Management Microke...
F5 Big-ip Edge Gateway 11.2.1F5 Big-ip Protocol Security Module 11.2.1F5 Big-ip Protocol Security Module 11.4.1F5 Big-ip Analytics 11.5.3F5 Big-ip Analytics 11.4.1F5 Big-ip Analytics 11.2.1F5 Big-ip Analytics 12.0.0F5 Big-ip Analytics 11.5.4F5 Big-ip Analytics 11.6.0F5 Big-ip Application Security Manager 12.0.0F5 Big-ip Application Security Manager 11.2.1F5 Big-ip Application Security Manager 11.5.4F5 Big-ip Application Security Manager 11.4.1F5 Big-ip Application Security Manager 11.6.0F5 Big-ip Application Security Manager 11.5.3F5 Big-ip Advanced Firewall Manager 12.0.0F5 Big-ip Advanced Firewall Manager 11.6.0F5 Big-ip Advanced Firewall Manager 11.5.3F5 Big-ip Advanced Firewall Manager 11.4.1F5 Big-ip Advanced Firewall Manager 11.5.4F5 Big-ip Domain Name System 12.0.0F5 Big-ip Policy Enforcement Manager 12.0.0
668
VMScore
CVE-2012-3000
Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x prior to 11.2.0-HF3 and 11.2.x prior to 11...
F5 Big-ip Webaccelerator 11.2.0F5 Big-ip Webaccelerator 11.2.1F5 Big-ip Webaccelerator 11.0.0F5 Big-ip Webaccelerator 11.1.0F5 Big-ip Global Traffic Manager 11.1.0F5 Big-ip Global Traffic Manager 11.0.0F5 Big-ip Global Traffic Manager 11.2.1F5 Big-ip Global Traffic Manager 11.2.0F5 Big-ip Local Traffic Manager 11.1.0F5 Big-ip Local Traffic Manager 11.0.0F5 Big-ip Local Traffic Manager 11.2.0F5 Big-ip Local Traffic Manager 11.2.1F5 Big-ip Protocol Security Module 11.0.0F5 Big-ip Protocol Security Module 11.1.0F5 Big-ip Protocol Security Module 11.2.0F5 Big-ip Protocol Security Module 11.2.1F5 Big-ip Wan Optimization Manager 11.0.0F5 Big-ip Wan Optimization Manager 11.2.0F5 Big-ip Wan Optimization Manager 11.2.1F5 Big-ip Wan Optimization Manager 11.1.0F5 Big-ip Link Controller 11.2.1F5 Big-ip Link Controller 11.1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook