Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

f5 big-ip guided configuration vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2023-39447
When BIG-IP APM Guided Configurations are configured, undisclosed sensitive information may be logged in restnoded log. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-ip Access Policy Manager 17.0.0F5 Big-ip Guided Configuration 8.0F5 Big-ip Guided Configuration 6.0F5 Big-ip Access Policy ManagerF5 Big-ip Guided Configuration
6
CVSSv2
CVE-2022-27806
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF, ASM, and ASM, and F5 BIG-IP Guided Configuration (GC) all versions before 9.0, when running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to...
F5 Big-ip Access Policy Manager 13.1.0F5 Big-ip Application Security Manager 13.1.0F5 Big-ip Access Policy Manager 14.1.0F5 Big-ip Application Security Manager 14.1.0F5 Big-ip Application Security Manager 15.1.0F5 Big-ip Access Policy Manager 15.1.0F5 Big-ip Advanced Web Application Firewall 15.1.0F5 Big-ip Access Policy Manager 14.1.4F5 Big-ip Advanced Web Application Firewall 14.1.4F5 Big-ip Application Security Manager 14.1.4F5 Big-ip Access Policy Manager 13.1.1F5 Big-ip Access Policy Manager 13.1.3F5 Big-ip Access Policy Manager 13.1.4F5 Big-ip Access Policy Manager 13.1.5F5 Big-ip Access Policy Manager 14.1.2F5 Big-ip Access Policy Manager 14.1.3F5 Big-ip Access Policy Manager 15.1.1F5 Big-ip Access Policy Manager 15.1.2F5 Big-ip Access Policy Manager 15.1.3F5 Big-ip Access Policy Manager 15.1.4F5 Big-ip Access Policy Manager 15.1.5F5 Big-ip Access Policy Manager 16.1.0
4.3
CVSSv2
CVE-2022-27230
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP APM, and F5 BIG-IP Guided Configuration (GC) all versions before 9.0, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of F5 BIG-IP Guided Configuration that allow...
F5 Big-ip Access Policy Manager 13.1.0F5 Big-ip Access Policy Manager 14.1.0F5 Big-ip Access Policy Manager 15.1.0F5 Big-ip Access Policy Manager 14.1.4F5 Big-ip Access Policy Manager 16.1.0F5 Big-ip Access Policy Manager 16.1.2F5 Big-ip Access Policy Manager 16.1.1F5 Big-ip Access Policy Manager 15.1.5F5 Big-ip Access Policy Manager 15.1.4F5 Big-ip Access Policy Manager 15.1.3F5 Big-ip Access Policy Manager 13.1.1F5 Big-ip Access Policy Manager 13.1.3F5 Big-ip Access Policy Manager 13.1.4F5 Big-ip Access Policy Manager 13.1.5F5 Big-ip Access Policy Manager 14.1.2F5 Big-ip Access Policy Manager 14.1.3F5 Big-ip Access Policy Manager 15.1.1F5 Big-ip Access Policy Manager 15.1.2F5 Big-ip Guided Configuration
6
CVSSv2
CVE-2022-27878
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP, and F5 BIG-IP Guided Configuration (GC) all versions before 9.0, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an ...
F5 Big-ip Local Traffic Manager 13.1.0F5 Big-ip Application Acceleration Manager 13.1.0F5 Big-ip Advanced Firewall Manager 13.1.0F5 Big-ip Analytics 13.1.0F5 Big-ip Access Policy Manager 13.1.0F5 Big-ip Application Security Manager 13.1.0F5 Big-ip Global Traffic Manager 13.1.0F5 Big-ip Link Controller 13.1.0F5 Big-ip Policy Enforcement Manager 13.1.0F5 Big-ip Domain Name System 13.1.0F5 Big-ip Access Policy Manager 14.1.0F5 Big-ip Advanced Firewall Manager 14.1.0F5 Big-ip Advanced Firewall Manager 15.1.0F5 Big-ip Analytics 14.1.0F5 Big-ip Application Acceleration Manager 14.1.0F5 Big-ip Application Acceleration Manager 15.1.0F5 Big-ip Application Security Manager 14.1.0F5 Big-ip Domain Name System 14.1.0F5 Big-ip Domain Name System 15.1.0F5 Big-ip Fraud Protection Service 13.1.0F5 Big-ip Fraud Protection Service 14.1.0F5 Big-ip Fraud Protection Service 15.1.0
4
CVSSv2
CVE-2022-26835
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, directory traversal vulnerabilities exist in undisclosed iControl REST endpoints and TMOS Shell (t...
F5 Big-ip Local Traffic Manager 11.6.1F5 Big-ip Local Traffic Manager 12.1.2F5 Big-ip Advanced Firewall Manager 12.1.0F5 Big-ip Access Policy Manager 12.1.2F5 Big-ip Global Traffic Manager 11.6.1F5 Big-ip Domain Name System 12.1.2F5 Big-ip Policy Enforcement Manager 12.1.1F5 Big-ip Policy Enforcement Manager 12.1.2F5 Big-ip Advanced Firewall Manager 12.1.2F5 Big-ip Application Security Manager 12.1.1F5 Big-ip Access Policy Manager 12.1.0F5 Big-ip Access Policy Manager 12.1.1F5 Big-ip Advanced Firewall Manager 11.6.1F5 Big-ip Advanced Firewall Manager 12.1.1F5 Big-ip Analytics 11.6.1F5 Big-ip Analytics 12.1.0F5 Big-ip Analytics 12.1.2F5 Big-ip Application Acceleration Manager 11.6.1F5 Big-ip Application Acceleration Manager 12.1.0F5 Big-ip Application Acceleration Manager 12.1.1F5 Big-ip Application Acceleration Manager 12.1.2F5 Big-ip Application Security Manager 11.6.1
4.9
CVSSv2
CVE-2022-25946
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF, ASM, and ASM, and F5 BIG-IP Guided Configuration (GC) all versions before 9.0, when running in Appliance mode, an authenticated attacker with Administrator role privilege may be able ...
F5 Big-ip Access Policy Manager 13.1.0F5 Big-ip Application Security Manager 13.1.0F5 Big-ip Access Policy Manager 14.1.0F5 Big-ip Application Security Manager 14.1.0F5 Big-ip Application Security Manager 15.1.0F5 Big-ip Access Policy Manager 15.1.0F5 Big-ip Advanced Web Application Firewall 15.1.0F5 Big-ip Access Policy Manager 14.1.4F5 Big-ip Advanced Web Application Firewall 14.1.4F5 Big-ip Application Security Manager 14.1.4F5 Big-ip Access Policy Manager 13.1.1F5 Big-ip Access Policy Manager 13.1.3F5 Big-ip Access Policy Manager 13.1.4F5 Big-ip Access Policy Manager 13.1.5F5 Big-ip Access Policy Manager 14.1.2F5 Big-ip Access Policy Manager 14.1.3F5 Big-ip Access Policy Manager 15.1.1F5 Big-ip Access Policy Manager 15.1.2F5 Big-ip Access Policy Manager 15.1.3F5 Big-ip Access Policy Manager 15.1.4F5 Big-ip Access Policy Manager 15.1.5F5 Big-ip Access Policy Manager 16.1.0
3.5
CVSSv2
CVE-2021-23046
On all versions of Guided Configuration prior to 8.0.0, when a configuration that contains secure properties is created and deployed from Access Guided Configuration (AGC), secure properties are logged in restnoded logs. Note: Software versions which have reached End of Technical...
F5 Big-ip Access Policy ManagerF5 Big-ip Guided Configuration
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook