Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

f5 big-ip policy enforcement manager 13.1.5 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2023-22374
A format string vulnerability exists in iControl SOAP that allows an authenticated malicious user to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the malicious user to c...
F5 Big-ip Application Security Manager 13.1.0F5 Big-ip Advanced Firewall Manager 17.0.0F5 Big-ip Advanced Firewall Manager 13.1.5F5 Big-ip Access Policy Manager 17.0.0F5 Big-ip Access Policy Manager 13.1.5F5 Big-ip Analytics 17.0.0F5 Big-ip Analytics 13.1.5F5 Big-ip Application Security Manager 17.0.0F5 Big-ip Application Acceleration Manager 17.0.0F5 Big-ip Application Acceleration Manager 13.1.5F5 Big-ip Policy Enforcement Manager 17.0.0F5 Big-ip Policy Enforcement Manager 13.1.5F5 Big-ip Local Traffic Manager 17.0.0F5 Big-ip Local Traffic Manager 13.1.5F5 Big-ip Link Controller 17.0.0F5 Big-ip Link Controller 13.1.5F5 Big-ip Fraud Protection Service 17.0.0F5 Big-ip Fraud Protection Service 13.1.5F5 Big-ip Domain Name System 17.0.0F5 Big-ip Ssl Orchestrator 13.1.5F5 Big-ip Ddos Hybrid Defender 13.1.5F5 Big-ip Application Security Manager
5
CVSSv2
CVE-2022-28705
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, and 13.1.x versions before 13.1.5, on platforms with an ePVA and the pva.fwdaccel BigDB variable enabled, undisclosed requests to a virtual server with a FastL4 profile...
F5 Big-ip Local Traffic Manager 13.1.0F5 Big-ip Application Acceleration Manager 13.1.0F5 Big-ip Advanced Firewall Manager 13.1.0F5 Big-ip Analytics 13.1.0F5 Big-ip Access Policy Manager 13.1.0F5 Big-ip Application Security Manager 13.1.0F5 Big-ip Global Traffic Manager 13.1.0F5 Big-ip Link Controller 13.1.0F5 Big-ip Policy Enforcement Manager 13.1.0F5 Big-ip Domain Name System 13.1.0F5 Big-ip Access Policy Manager 14.1.0F5 Big-ip Advanced Firewall Manager 14.1.0F5 Big-ip Advanced Firewall Manager 15.1.0F5 Big-ip Analytics 14.1.0F5 Big-ip Application Acceleration Manager 14.1.0F5 Big-ip Application Acceleration Manager 15.1.0F5 Big-ip Application Security Manager 14.1.0F5 Big-ip Domain Name System 14.1.0F5 Big-ip Domain Name System 15.1.0F5 Big-ip Fraud Protection Service 13.1.0F5 Big-ip Fraud Protection Service 14.1.0F5 Big-ip Fraud Protection Service 15.1.0
5
CVSSv2
CVE-2022-28691
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5, 14.1.x versions before 14.1.4.6, and 13.1.x versions before 13.1.5, when a Real Time Streaming Protocol (RTSP) profile is configured on a virtual server, undisclosed traffic can cause an increase in Traf...
F5 Big-ip Local Traffic Manager 13.1.0F5 Big-ip Application Acceleration Manager 13.1.0F5 Big-ip Advanced Firewall Manager 13.1.0F5 Big-ip Analytics 13.1.0F5 Big-ip Access Policy Manager 13.1.0F5 Big-ip Application Security Manager 13.1.0F5 Big-ip Global Traffic Manager 13.1.0F5 Big-ip Link Controller 13.1.0F5 Big-ip Policy Enforcement Manager 13.1.0F5 Big-ip Domain Name System 13.1.0F5 Big-ip Access Policy Manager 14.1.0F5 Big-ip Advanced Firewall Manager 14.1.0F5 Big-ip Advanced Firewall Manager 15.1.0F5 Big-ip Analytics 14.1.0F5 Big-ip Application Acceleration Manager 14.1.0F5 Big-ip Application Acceleration Manager 15.1.0F5 Big-ip Application Security Manager 14.1.0F5 Big-ip Domain Name System 14.1.0F5 Big-ip Domain Name System 15.1.0F5 Big-ip Fraud Protection Service 13.1.0F5 Big-ip Fraud Protection Service 14.1.0F5 Big-ip Fraud Protection Service 15.1.0
6
CVSSv2
CVE-2022-27878
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP, and F5 BIG-IP Guided Configuration (GC) all versions before 9.0, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an ...
F5 Big-ip Local Traffic Manager 13.1.0F5 Big-ip Application Acceleration Manager 13.1.0F5 Big-ip Advanced Firewall Manager 13.1.0F5 Big-ip Analytics 13.1.0F5 Big-ip Access Policy Manager 13.1.0F5 Big-ip Application Security Manager 13.1.0F5 Big-ip Global Traffic Manager 13.1.0F5 Big-ip Link Controller 13.1.0F5 Big-ip Policy Enforcement Manager 13.1.0F5 Big-ip Domain Name System 13.1.0F5 Big-ip Access Policy Manager 14.1.0F5 Big-ip Advanced Firewall Manager 14.1.0F5 Big-ip Advanced Firewall Manager 15.1.0F5 Big-ip Analytics 14.1.0F5 Big-ip Application Acceleration Manager 14.1.0F5 Big-ip Application Acceleration Manager 15.1.0F5 Big-ip Application Security Manager 14.1.0F5 Big-ip Domain Name System 14.1.0F5 Big-ip Domain Name System 15.1.0F5 Big-ip Fraud Protection Service 13.1.0F5 Big-ip Fraud Protection Service 14.1.0F5 Big-ip Fraud Protection Service 15.1.0
5
CVSSv2
CVE-2022-29473
On F5 BIG-IP 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, and 13.1.x versions before 13.1.5, when an IPSec ALG profile is configured on a virtual server, undisclosed responses can cause Traffic Management Microkernel(TMM) to terminate. Note: Software versions...
F5 Big-ip Local Traffic Manager 13.1.0F5 Big-ip Application Acceleration Manager 13.1.0F5 Big-ip Advanced Firewall Manager 13.1.0F5 Big-ip Analytics 13.1.0F5 Big-ip Access Policy Manager 13.1.0F5 Big-ip Application Security Manager 13.1.0F5 Big-ip Global Traffic Manager 13.1.0F5 Big-ip Link Controller 13.1.0F5 Big-ip Policy Enforcement Manager 13.1.0F5 Big-ip Domain Name System 13.1.0F5 Big-ip Access Policy Manager 14.1.0F5 Big-ip Advanced Firewall Manager 14.1.0F5 Big-ip Advanced Firewall Manager 15.1.0F5 Big-ip Analytics 14.1.0F5 Big-ip Application Acceleration Manager 14.1.0F5 Big-ip Application Acceleration Manager 15.1.0F5 Big-ip Application Security Manager 14.1.0F5 Big-ip Domain Name System 14.1.0F5 Big-ip Domain Name System 15.1.0F5 Big-ip Fraud Protection Service 13.1.0F5 Big-ip Fraud Protection Service 14.1.0F5 Big-ip Fraud Protection Service 15.1.0
5
CVSSv2
CVE-2022-26517
On F5 BIG-IP 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, and 13.1.x versions before 13.1.5, when the BIG-IP CGNAT Large Scale NAT (LSN) pool is configured on a virtual server and packet filtering is enabled, undisclosed requests can cause the Traffic Managem...
F5 Big-ip Local Traffic Manager 13.1.0F5 Big-ip Application Acceleration Manager 13.1.0F5 Big-ip Advanced Firewall Manager 13.1.0F5 Big-ip Analytics 13.1.0F5 Big-ip Access Policy Manager 13.1.0F5 Big-ip Application Security Manager 13.1.0F5 Big-ip Global Traffic Manager 13.1.0F5 Big-ip Link Controller 13.1.0F5 Big-ip Policy Enforcement Manager 13.1.0F5 Big-ip Domain Name System 13.1.0F5 Big-ip Access Policy Manager 14.1.0F5 Big-ip Advanced Firewall Manager 14.1.0F5 Big-ip Advanced Firewall Manager 15.1.0F5 Big-ip Analytics 14.1.0F5 Big-ip Application Acceleration Manager 14.1.0F5 Big-ip Application Acceleration Manager 15.1.0F5 Big-ip Application Security Manager 14.1.0F5 Big-ip Domain Name System 14.1.0F5 Big-ip Domain Name System 15.1.0F5 Big-ip Fraud Protection Service 13.1.0F5 Big-ip Fraud Protection Service 14.1.0F5 Big-ip Fraud Protection Service 15.1.0
5
CVSSv2
CVE-2022-26130
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, and 13.1.x versions before 13.1.5, when an Active mode-enabled FTP profile is configured on a virtual server, undisclosed traffic can cause the virtual server to stop p...
F5 Big-ip Local Traffic Manager 13.1.0F5 Big-ip Application Acceleration Manager 13.1.0F5 Big-ip Advanced Firewall Manager 13.1.0F5 Big-ip Analytics 13.1.0F5 Big-ip Access Policy Manager 13.1.0F5 Big-ip Application Security Manager 13.1.0F5 Big-ip Global Traffic Manager 13.1.0F5 Big-ip Link Controller 13.1.0F5 Big-ip Policy Enforcement Manager 13.1.0F5 Big-ip Domain Name System 13.1.0F5 Big-ip Access Policy Manager 14.1.0F5 Big-ip Advanced Firewall Manager 14.1.0F5 Big-ip Advanced Firewall Manager 15.1.0F5 Big-ip Analytics 14.1.0F5 Big-ip Application Acceleration Manager 14.1.0F5 Big-ip Application Acceleration Manager 15.1.0F5 Big-ip Application Security Manager 14.1.0F5 Big-ip Domain Name System 14.1.0F5 Big-ip Domain Name System 15.1.0F5 Big-ip Fraud Protection Service 13.1.0F5 Big-ip Fraud Protection Service 14.1.0F5 Big-ip Fraud Protection Service 15.1.0
5
CVSSv2
CVE-2022-29479
On F5 BIG-IP 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, and F5 BIG-IQ Centralized Management all versions of 8.x and 7.x, when an IPv6 self IP address is configured and the ipv6.strictcom...
F5 Big-ip Local Traffic Manager 11.6.1F5 Big-ip Local Traffic Manager 12.1.2F5 Big-ip Advanced Firewall Manager 12.1.0F5 Big-ip Access Policy Manager 12.1.2F5 Big-ip Global Traffic Manager 11.6.1F5 Big-ip Domain Name System 12.1.2F5 Big-ip Policy Enforcement Manager 12.1.1F5 Big-ip Policy Enforcement Manager 12.1.2F5 Big-ip Advanced Firewall Manager 12.1.2F5 Big-ip Application Security Manager 12.1.1F5 Big-ip Access Policy Manager 12.1.0F5 Big-ip Access Policy Manager 12.1.1F5 Big-ip Advanced Firewall Manager 11.6.1F5 Big-ip Advanced Firewall Manager 12.1.1F5 Big-ip Analytics 11.6.1F5 Big-ip Analytics 12.1.0F5 Big-ip Analytics 12.1.2F5 Big-ip Application Acceleration Manager 11.6.1F5 Big-ip Application Acceleration Manager 12.1.0F5 Big-ip Application Acceleration Manager 12.1.1F5 Big-ip Application Acceleration Manager 12.1.2F5 Big-ip Application Security Manager 11.6.1
4
CVSSv2
CVE-2022-26340
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, and F5 BIG-IQ Centralized Management all versions of 8.x and 7.x, an authenticated, high-privilege...
F5 Big-ip Local Traffic Manager 11.6.1F5 Big-ip Local Traffic Manager 12.1.2F5 Big-ip Advanced Firewall Manager 12.1.0F5 Big-ip Access Policy Manager 12.1.2F5 Big-ip Global Traffic Manager 11.6.1F5 Big-ip Domain Name System 12.1.2F5 Big-ip Policy Enforcement Manager 12.1.1F5 Big-ip Policy Enforcement Manager 12.1.2F5 Big-ip Advanced Firewall Manager 12.1.2F5 Big-ip Application Security Manager 12.1.1F5 Big-ip Access Policy Manager 12.1.0F5 Big-ip Access Policy Manager 12.1.1F5 Big-ip Advanced Firewall Manager 11.6.1F5 Big-ip Advanced Firewall Manager 12.1.1F5 Big-ip Analytics 11.6.1F5 Big-ip Analytics 12.1.0F5 Big-ip Analytics 12.1.2F5 Big-ip Application Acceleration Manager 11.6.1F5 Big-ip Application Acceleration Manager 12.1.0F5 Big-ip Application Acceleration Manager 12.1.1F5 Big-ip Application Acceleration Manager 12.1.2F5 Big-ip Application Security Manager 11.6.1
4
CVSSv2
CVE-2022-29474
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, a directory traversal vulnerability exists in iControl SOAP that allows an authenticated attacker ...
F5 Big-ip Local Traffic Manager 11.6.1F5 Big-ip Local Traffic Manager 12.1.2F5 Big-ip Advanced Firewall Manager 12.1.0F5 Big-ip Access Policy Manager 12.1.2F5 Big-ip Global Traffic Manager 11.6.1F5 Big-ip Domain Name System 12.1.2F5 Big-ip Policy Enforcement Manager 12.1.1F5 Big-ip Policy Enforcement Manager 12.1.2F5 Big-ip Advanced Firewall Manager 12.1.2F5 Big-ip Application Security Manager 12.1.1F5 Big-ip Advanced Firewall Manager 12.1.1F5 Big-ip Advanced Firewall Manager 11.6.1F5 Big-ip Access Policy Manager 12.1.1F5 Big-ip Access Policy Manager 12.1.0F5 Big-ip Analytics 12.1.2F5 Big-ip Analytics 12.1.0F5 Big-ip Analytics 11.6.1F5 Big-ip Application Security Manager 12.1.0F5 Big-ip Application Security Manager 11.6.1F5 Big-ip Application Acceleration Manager 12.1.2F5 Big-ip Application Acceleration Manager 12.1.1F5 Big-ip Application Acceleration Manager 12.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111CVE-2024-32884IDORCVE-2023-1000CVE-2024-33260CVE-2024-3682reflected XSSrace conditionCVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook