Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

f5 big-ip websafe 11.6.0 vulnerabilities and exploits

(subscribe to this query)
6.8
CVSSv2
CVE-2017-6157
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.0 - 11.5.4, virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable t...
F5 Big-ip Local Traffic ManagerF5 Big-ip Local Traffic Manager 11.6.1F5 Big-ip Local Traffic Manager 12.0.0F5 Big-ip Local Traffic Manager 12.1.0F5 Big-ip Local Traffic Manager 12.1.1F5 Big-ip Local Traffic Manager 11.6.0F5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 11.6.1F5 Big-ip Application Acceleration Manager 12.1.0F5 Big-ip Application Acceleration Manager 12.1.1F5 Big-ip Application Acceleration Manager 11.6.0F5 Big-ip Application Acceleration Manager 12.0.0F5 Big-ip Advanced Firewall Manager 11.6.1F5 Big-ip Advanced Firewall Manager 12.1.0F5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Firewall Manager 12.1.1F5 Big-ip Advanced Firewall Manager 11.6.0F5 Big-ip Advanced Firewall Manager 12.0.0F5 Big-ip Access Policy Manager 11.6.1F5 Big-ip Access Policy Manager 12.1.0F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager 11.6.0
2.1
CVSSv2
CVE-2016-6249
F5 BIG-IP 12.0.0 and 11.5.0 - 11.6.1 REST requests which timeout during user account authentication may log sensitive attributes such as passwords in plaintext to /var/log/restjavad.0.log. It may allow local users to obtain sensitive information by reading these files.
F5 Big-ip Websafe 11.5.4F5 Big-ip Websafe 11.6.0F5 Big-ip Policy Enforcement Manager 11.5.2F5 Big-ip Policy Enforcement Manager 11.5.1F5 Big-ip Application Security Manager 11.5.4F5 Big-ip Application Security Manager 11.6.0F5 Big-ip Access Policy Manager 11.5.4F5 Big-ip Link Controller 11.6.1F5 Big-ip Analytics 11.5.4F5 Big-ip Analytics 11.6.0F5 Big-ip Advanced Firewall Manager 11.5.4F5 Big-ip Advanced Firewall Manager 11.6.0F5 Big-ip Application Acceleration Manager 11.5.4F5 Big-ip Application Acceleration Manager 11.6.0F5 Big-ip Application Acceleration Manager 12.0.0F5 Big-ip Local Traffic Manager 11.6.0F5 Big-ip Local Traffic Manager 12.0.0F5 Big-ip Global Traffic Manager 11.5.0F5 Big-ip Link Controller 11.5.0F5 Big-ip Websafe 11.5.2F5 Big-ip Websafe 11.5.3F5 Big-ip Policy Enforcement Manager 11.5.4
4.3
CVSSv2
CVE-2017-6168
On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) ...
F5 Big-ip LtmF5 Big-ip Ltm 13.0.0F5 Big-ip Application Acceleration Manager 13.0.0F5 Big-ip Application Acceleration ManagerF5 Big-ip AfmF5 Big-ip Afm 13.0.0F5 Big-ip Analytics 13.0.0F5 Big-ip AnalyticsF5 Big-ip ApmF5 Big-ip Apm 13.0.0F5 Big-ip AsmF5 Big-ip Asm 13.0.0F5 Big-ip Link ControllerF5 Big-ip Link Controller 13.0.0F5 Big-ip Pem 13.0.0F5 Big-ip PemF5 Websafe 13.0.0F5 WebsafeF5 Websafe 11.6.2
9.3
CVSSv2
CVE-2016-5700
Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2, when configured with the HTTP Explicit Proxy functionality or SOCKS profile, allow remote malicious ...
F5 Big-ip Policy Enforcement Manager 11.6.0F5 Big-ip Policy Enforcement Manager 12.0.0F5 Big-ip Policy Enforcement Manager 12.1.0F5 Big-ip Policy Enforcement Manager 11.6.1F5 Big-ip Policy Enforcement Manager 11.5.2F5 Big-ip Policy Enforcement Manager 11.5.3F5 Big-ip Policy Enforcement Manager 11.5.4F5 Big-ip Policy Enforcement Manager 11.5.0F5 Big-ip Policy Enforcement Manager 11.5.1F5 Big-ip Local Traffic Manager 11.5.3F5 Big-ip Local Traffic Manager 11.5.4F5 Big-ip Local Traffic Manager 12.1.0F5 Big-ip Local Traffic Manager 12.0.0F5 Big-ip Local Traffic Manager 11.6.0F5 Big-ip Local Traffic Manager 11.5.1F5 Big-ip Local Traffic Manager 11.5.2F5 Big-ip Local Traffic Manager 11.6.1F5 Big-ip Local Traffic Manager 11.5.0F5 Big-ip Websafe 11.6.0F5 Big-ip Websafe 12.0.0F5 Big-ip Websafe 12.1.0F5 Big-ip Websafe 11.6.1
4.3
CVSSv2
CVE-2017-6159
F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 are vulnerable to a denial of service attack when the MPTCP option is enabled on a virtual server. Data plane is vulnerable when using the MPT...
F5 Big-ip Local Traffic Manager 11.6.0F5 Big-ip Local Traffic Manager 12.0.0F5 Big-ip Local Traffic Manager 12.1.1F5 Big-ip Local Traffic Manager 12.1.2F5 Big-ip Local Traffic Manager 11.6.1F5 Big-ip Local Traffic Manager 12.1.0F5 Big-ip Application Acceleration Manager 11.6.1F5 Big-ip Application Acceleration Manager 12.1.0F5 Big-ip Application Acceleration Manager 12.1.2F5 Big-ip Application Acceleration Manager 11.6.0F5 Big-ip Application Acceleration Manager 12.0.0F5 Big-ip Application Acceleration Manager 12.1.1F5 Big-ip Advanced Firewall Manager 12.1.2F5 Big-ip Advanced Firewall Manager 12.1.0F5 Big-ip Advanced Firewall Manager 12.0.0F5 Big-ip Advanced Firewall Manager 11.6.0F5 Big-ip Advanced Firewall Manager 11.6.1F5 Big-ip Advanced Firewall Manager 12.1.1F5 Big-ip Access Policy Manager 12.1.0F5 Big-ip Access Policy Manager 12.0.0F5 Big-ip Access Policy Manager 11.6.1F5 Big-ip Access Policy Manager 11.6.0
4.3
CVSSv2
CVE-2017-6162
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, 11.2.1, in some cases TMM may crash when processing TCP traffic. This vulnerability affects TMM via a virt...
F5 Big-ip Local Traffic Manager 11.2.1F5 Big-ip Local Traffic ManagerF5 Big-ip Local Traffic Manager 11.6.0F5 Big-ip Local Traffic Manager 11.6.1F5 Big-ip Local Traffic Manager 12.1.0F5 Big-ip Local Traffic Manager 12.0.0F5 Big-ip Local Traffic Manager 12.1.1F5 Big-ip Application Acceleration Manager 11.2.1F5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 11.6.0F5 Big-ip Application Acceleration Manager 11.6.1F5 Big-ip Application Acceleration Manager 12.0.0F5 Big-ip Application Acceleration Manager 12.1.1F5 Big-ip Application Acceleration Manager 12.1.0F5 Big-ip Advanced Firewall Manager 11.2.1F5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Firewall Manager 11.6.0F5 Big-ip Advanced Firewall Manager 11.6.1F5 Big-ip Advanced Firewall Manager 12.1.0F5 Big-ip Advanced Firewall Manager 12.0.0F5 Big-ip Advanced Firewall Manager 12.1.1F5 Big-ip Access Policy Manager 11.2.1
5
CVSSv2
CVE-2016-7476
The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, APM, ASM, GTM, Link Controller, PEM, PSM, and WebSafe 11.6.0 prior to 11.6.0 HF6, 11.5.0 prior to 11.5.3 HF2, and 11.3.0 prior to 11.4.1 HF10 may suffer from a memory leak while handling certain types of TCP tra...
F5 Big-ip Websafe 11.6.0F5 Big-ip Protocol Security Module 11.4.0F5 Big-ip Protocol Security Module 11.4.1F5 Big-ip Protocol Security Module 11.3.0F5 Big-ip Policy Enforcement Manager 11.4.0F5 Big-ip Policy Enforcement Manager 11.4.1F5 Big-ip Policy Enforcement Manager 11.5.2F5 Big-ip Policy Enforcement Manager 11.5.3F5 Big-ip Policy Enforcement Manager 11.3.0F5 Big-ip Policy Enforcement Manager 11.6.0F5 Big-ip Policy Enforcement Manager 11.5.0F5 Big-ip Policy Enforcement Manager 11.5.1F5 Big-ip Link Controller 11.3.0F5 Big-ip Link Controller 11.4.0F5 Big-ip Link Controller 11.5.1F5 Big-ip Link Controller 11.5.2F5 Big-ip Link Controller 11.5.3F5 Big-ip Link Controller 11.6.0F5 Big-ip Link Controller 11.4.1F5 Big-ip Link Controller 11.5.0F5 Big-ip Global Traffic Manager 11.3.0F5 Big-ip Global Traffic Manager 11.4.0
5
CVSSv2
CVE-2018-5530
F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.1 virtual servers with HTTP/2 profiles enabled are vulnerable to "HPACK Bomb".
F5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip AnalyticsF5 Big-ip Access Policy ManagerF5 Big-ip Application Security ManagerF5 Big-ip Edge GatewayF5 Big-ip Policy Enforcement ManagerF5 Big-ip Websafe
2.6
CVSSv2
CVE-2018-5537
A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 if the TMM virtual server is configured with a HTML or a Rewrite profile. TMM may restart while processing some specially prepared HTML content from ...
F5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Access Policy ManagerF5 Big-ip Application Security ManagerF5 Big-ip Edge GatewayF5 Big-ip Global Traffic ManagerF5 Big-ip Policy Enforcement ManagerF5 Big-ip WebacceleratorF5 Big-ip Websafe
3.5
CVSSv2
CVE-2016-7469
A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11...
F5 Big-ip Local Traffic Manager 11.5.4F5 Big-ip Local Traffic Manager 11.6.0F5 Big-ip Local Traffic Manager 11.4.1F5 Big-ip Local Traffic Manager 11.5.0F5 Big-ip Local Traffic Manager 12.1.0F5 Big-ip Local Traffic Manager 12.1.1F5 Big-ip Local Traffic Manager 11.2.1F5 Big-ip Local Traffic Manager 11.4.0F5 Big-ip Local Traffic Manager 11.6.1F5 Big-ip Local Traffic Manager 12.0.0F5 Big-ip Local Traffic Manager 11.5.1F5 Big-ip Local Traffic Manager 11.5.2F5 Big-ip Local Traffic Manager 11.5.3F5 Big-ip Local Traffic Manager 12.1.2F5 Big-ip Application Acceleration Manager 11.5.4F5 Big-ip Application Acceleration Manager 11.6.0F5 Big-ip Application Acceleration Manager 11.4.1F5 Big-ip Application Acceleration Manager 11.5.0F5 Big-ip Application Acceleration Manager 11.5.1F5 Big-ip Application Acceleration Manager 12.1.0F5 Big-ip Application Acceleration Manager 12.1.1F5 Big-ip Application Acceleration Manager 11.5.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111CVE-2024-32884IDORCVE-2023-1000CVE-2024-33260CVE-2024-3682reflected XSSrace conditionCVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook