Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

f5 big-ip websafe 12.1.1 vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv2
CVE-2016-9247
Under certain conditions for BIG-IP systems using a virtual server with an associated FastL4 profile and TCP analytics profile, a specific sequence of packets may cause the Traffic Management Microkernel (TMM) to restart.
F5 Big-ip Local Traffic Manager 12.1.0F5 Big-ip Local Traffic Manager 12.1.1F5 Big-ip Application Acceleration Manager 12.1.0F5 Big-ip Application Acceleration Manager 12.1.1F5 Big-ip Advanced Firewall Manager 12.1.0F5 Big-ip Advanced Firewall Manager 12.1.1F5 Big-ip Analytics 12.1.0F5 Big-ip Analytics 12.1.1F5 Big-ip Access Policy Manager 12.1.0F5 Big-ip Access Policy Manager 12.1.1F5 Big-ip Application Security Manager 12.1.0F5 Big-ip Application Security Manager 12.1.1F5 Big-ip Domain Name System 12.1.0F5 Big-ip Domain Name System 12.1.1F5 Big-ip Link Controller 12.1.0F5 Big-ip Link Controller 12.1.1F5 Big-ip Policy Enforcement Manager 12.1.0F5 Big-ip Policy Enforcement Manager 12.1.1F5 Big-ip Websafe 12.1.1F5 Big-ip Websafe 12.1.0
4.3
CVSSv2
CVE-2017-6141
In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, and WebSafe 12.1.0 up to and including 12.1.2, certain values in a TLS abbreviated handshake when using a client SSL profile with the Session Ticket option enabled may cause disruption of service to the Traffic Managemen...
F5 Big-ip Link Controller 12.1.0F5 Big-ip Link Controller 12.1.1F5 Big-ip Application Security Manager 12.1.2F5 Big-ip Application Acceleration Manager 12.1.0F5 Big-ip Application Acceleration Manager 12.1.1F5 Big-ip Application Acceleration Manager 12.1.2F5 Big-ip Websafe 12.1.0F5 Big-ip Websafe 12.1.2F5 Big-ip Local Traffic Manager 12.1.1F5 Big-ip Application Security Manager 12.1.0F5 Big-ip Advanced Firewall Manager 12.1.1F5 Big-ip Access Policy Manager 12.1.2F5 Big-ip Policy Enforcement Manager 12.1.0F5 Big-ip Policy Enforcement Manager 12.1.1F5 Big-ip Policy Enforcement Manager 12.1.2F5 Big-ip Local Traffic Manager 12.1.0F5 Big-ip Access Policy Manager 12.1.0F5 Big-ip Link Controller 12.1.2F5 Big-ip Websafe 12.1.1F5 Big-ip Local Traffic Manager 12.1.2F5 Big-ip Application Security Manager 12.1.1F5 Big-ip Advanced Firewall Manager 12.1.0
4.3
CVSSv2
CVE-2016-9245
In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default "Normalize URI" conf...
F5 Big-ip Local Traffic Manager 12.1.0F5 Big-ip Local Traffic Manager 12.1.1F5 Big-ip Local Traffic Manager 12.1.2F5 Big-ip Application Acceleration Manager 12.1.2F5 Big-ip Application Acceleration Manager 12.1.0F5 Big-ip Application Acceleration Manager 12.1.1F5 Big-ip Advanced Firewall Manager 12.1.0F5 Big-ip Advanced Firewall Manager 12.1.1F5 Big-ip Advanced Firewall Manager 12.1.2F5 Big-ip Analytics 12.1.2F5 Big-ip Analytics 12.1.0F5 Big-ip Analytics 12.1.1F5 Big-ip Access Policy Manager 12.1.1F5 Big-ip Access Policy Manager 12.1.2F5 Big-ip Access Policy Manager 12.1.0F5 Big-ip Application Security Manager 12.1.2F5 Big-ip Application Security Manager 12.1.0F5 Big-ip Application Security Manager 12.1.1F5 Big-ip Domain Name System 12.1.1F5 Big-ip Domain Name System 12.1.2F5 Big-ip Domain Name System 12.1.0F5 Big-ip Link Controller 12.1.2
7.8
CVSSv2
CVE-2016-9249
An undisclosed traffic pattern received by a BIG-IP Virtual Server with TCP Fast Open enabled may cause the Traffic Management Microkernel (TMM) to restart, resulting in a Denial-of-Service (DoS).
F5 Big-ip Local Traffic Manager 12.0.0F5 Big-ip Local Traffic Manager 12.1.0F5 Big-ip Local Traffic Manager 12.1.1F5 Big-ip Application Acceleration Manager 12.1.0F5 Big-ip Application Acceleration Manager 12.1.1F5 Big-ip Application Acceleration Manager 12.0.0F5 Big-ip Advanced Firewall Manager 12.1.1F5 Big-ip Advanced Firewall Manager 12.0.0F5 Big-ip Advanced Firewall Manager 12.1.0F5 Big-ip Analytics 12.1.1F5 Big-ip Analytics 12.0.0F5 Big-ip Analytics 12.1.0F5 Big-ip Access Policy Manager 12.1.1F5 Big-ip Access Policy Manager 12.0.0F5 Big-ip Access Policy Manager 12.1.0F5 Big-ip Application Security Manager 12.1.1F5 Big-ip Application Security Manager 12.0.0F5 Big-ip Application Security Manager 12.1.0F5 Big-ip Domain Name System 12.1.1F5 Big-ip Domain Name System 12.0.0F5 Big-ip Domain Name System 12.1.0F5 Big-ip Link Controller 12.1.1
5
CVSSv2
CVE-2016-9253
In F5 BIG-IP 12.1.0 up to and including 12.1.2, specific websocket traffic patterns may cause a disruption of service for virtual servers configured to use the websocket profile.
F5 Big-ip Local Traffic Manager 12.1.0F5 Big-ip Local Traffic Manager 12.1.1F5 Big-ip Local Traffic Manager 12.1.2F5 Big-ip Application Acceleration Manager 12.1.1F5 Big-ip Application Acceleration Manager 12.1.2F5 Big-ip Application Acceleration Manager 12.1.0F5 Big-ip Advanced Firewall Manager 12.1.2F5 Big-ip Advanced Firewall Manager 12.1.0F5 Big-ip Advanced Firewall Manager 12.1.1F5 Big-ip Analytics 12.1.1F5 Big-ip Analytics 12.1.0F5 Big-ip Analytics 12.1.2F5 Big-ip Access Policy Manager 12.1.2F5 Big-ip Access Policy Manager 12.1.0F5 Big-ip Access Policy Manager 12.1.1F5 Big-ip Application Security Manager 12.1.2F5 Big-ip Application Security Manager 12.1.0F5 Big-ip Application Security Manager 12.1.1F5 Big-ip Domain Name System 12.1.1F5 Big-ip Domain Name System 12.1.0F5 Big-ip Domain Name System 12.1.2F5 Big-ip Link Controller 12.1.2
6.5
CVSSv2
CVE-2016-9251
In F5 BIG-IP 12.0.0 up to and including 12.1.2, an authenticated attacker may be able to cause an escalation of privileges through a crafted iControl REST connection.
F5 Big-ip Local Traffic Manager 12.0.0F5 Big-ip Local Traffic Manager 12.1.1F5 Big-ip Local Traffic Manager 12.1.2F5 Big-ip Local Traffic Manager 12.1.0F5 Big-ip Application Acceleration Manager 12.1.0F5 Big-ip Application Acceleration Manager 12.0.0F5 Big-ip Application Acceleration Manager 12.1.1F5 Big-ip Application Acceleration Manager 12.1.2F5 Big-ip Advanced Firewall Manager 12.1.2F5 Big-ip Advanced Firewall Manager 12.0.0F5 Big-ip Advanced Firewall Manager 12.1.1F5 Big-ip Advanced Firewall Manager 12.1.0F5 Big-ip Analytics 12.1.2F5 Big-ip Analytics 12.1.1F5 Big-ip Analytics 12.1.0F5 Big-ip Analytics 12.0.0F5 Big-ip Access Policy Manager 12.1.1F5 Big-ip Access Policy Manager 12.1.0F5 Big-ip Access Policy Manager 12.1.2F5 Big-ip Access Policy Manager 12.0.0F5 Big-ip Application Security Manager 12.1.0F5 Big-ip Application Security Manager 12.1.1
6
CVSSv2
CVE-2016-9256
In F5 BIG-IP 12.1.0 up to and including 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_map is not reloaded between the time the permissions are changed and the time of the user's next request. This is a race cond...
F5 Big-ip Local Traffic Manager 12.1.1F5 Big-ip Local Traffic Manager 12.1.0F5 Big-ip Local Traffic Manager 12.0.0F5 Big-ip Local Traffic Manager 12.1.2F5 Big-ip Application Acceleration Manager 12.1.1F5 Big-ip Application Acceleration Manager 12.1.2F5 Big-ip Application Acceleration Manager 12.1.0F5 Big-ip Application Acceleration Manager 12.0.0F5 Big-ip Advanced Firewall Manager 12.1.2F5 Big-ip Advanced Firewall Manager 12.0.0F5 Big-ip Advanced Firewall Manager 12.1.0F5 Big-ip Advanced Firewall Manager 12.1.1F5 Big-ip Analytics 12.1.1F5 Big-ip Analytics 12.0.0F5 Big-ip Analytics 12.1.2F5 Big-ip Analytics 12.1.0F5 Big-ip Access Policy Manager 12.1.1F5 Big-ip Access Policy Manager 12.1.2F5 Big-ip Access Policy Manager 12.1.0F5 Big-ip Access Policy Manager 12.0.0F5 Big-ip Application Security Manager 12.1.0F5 Big-ip Application Security Manager 12.1.1
7.5
CVSSv2
CVE-2017-6145
iControl REST in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe 12.0.0 up to and including 12.1.2 and 13.0.0 includes a service to convert authorization BIGIPAuthCookie cookies to X-F5-Auth-Token tokens. This service does not properly re-vali...
F5 Big-ip Application Security Manager 13.0.0F5 Big-ip Local Traffic Manager 13.0.0F5 Big-ip Policy Enforcement Manager 13.0.0F5 Big-ip Application Acceleration Manager 13.0.0F5 Big-ip Link Controller 13.0.0F5 Big-ip Domain Name System 13.0.0F5 Big-ip Analytics 12.1.2F5 Big-ip Link Controller 12.1.1F5 Big-ip Policy Enforcement Manager 12.1.2F5 Big-ip Local Traffic Manager 12.1.1F5 Big-ip Application Acceleration Manager 12.1.0F5 Big-ip Application Acceleration Manager 12.1.2F5 Big-ip Websafe 13.0.0F5 Big-ip Websafe 12.1.0F5 Big-ip Websafe 12.1.1F5 Big-ip Websafe 12.1.2F5 Big-ip Policy Enforcement Manager 12.1.0F5 Big-ip Advanced Firewall Manager 12.1.1F5 Big-ip Advanced Firewall Manager 12.1.2F5 Big-ip Access Policy Manager 12.1.2F5 Big-ip Access Policy Manager 12.1.1F5 Big-ip Access Policy Manager 12.1.0
7.5
CVSSv2
CVE-2017-6131
In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. The impacted administrative account is the Azure instance administrative user tha...
F5 Big-ip Local Traffic Manager 13.0.0F5 Big-ip Local Traffic Manager 12.0.0F5 Big-ip Local Traffic Manager 12.1.0F5 Big-ip Local Traffic Manager 12.1.1F5 Big-ip Local Traffic Manager 12.1.2F5 Big-ip Application Acceleration Manager 12.1.2F5 Big-ip Application Acceleration Manager 13.0.0F5 Big-ip Application Acceleration Manager 12.0.0F5 Big-ip Application Acceleration Manager 12.1.0F5 Big-ip Application Acceleration Manager 12.1.1F5 Big-ip Advanced Firewall Manager 13.0.0F5 Big-ip Advanced Firewall Manager 12.0.0F5 Big-ip Advanced Firewall Manager 12.1.0F5 Big-ip Advanced Firewall Manager 12.1.1F5 Big-ip Advanced Firewall Manager 12.1.2F5 Big-ip Access Policy Manager 12.0.0F5 Big-ip Access Policy Manager 12.1.0F5 Big-ip Access Policy Manager 12.1.1F5 Big-ip Access Policy Manager 12.1.2F5 Big-ip Access Policy Manager 13.0.0F5 Big-ip Application Security Manager 12.1.1F5 Big-ip Application Security Manager 12.1.2
6.8
CVSSv2
CVE-2017-6157
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.0 - 11.5.4, virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable t...
F5 Big-ip Local Traffic ManagerF5 Big-ip Local Traffic Manager 11.6.1F5 Big-ip Local Traffic Manager 12.0.0F5 Big-ip Local Traffic Manager 12.1.0F5 Big-ip Local Traffic Manager 12.1.1F5 Big-ip Local Traffic Manager 11.6.0F5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 11.6.1F5 Big-ip Application Acceleration Manager 12.1.0F5 Big-ip Application Acceleration Manager 12.1.1F5 Big-ip Application Acceleration Manager 11.6.0F5 Big-ip Application Acceleration Manager 12.0.0F5 Big-ip Advanced Firewall Manager 11.6.1F5 Big-ip Advanced Firewall Manager 12.1.0F5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Firewall Manager 12.1.1F5 Big-ip Advanced Firewall Manager 11.6.0F5 Big-ip Advanced Firewall Manager 12.0.0F5 Big-ip Access Policy Manager 11.6.1F5 Big-ip Access Policy Manager 12.1.0F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager 11.6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook