Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

f5 big-ip carrier-grade nat vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv2
CVE-2020-27720
On BIG-IP LTM/CGNAT version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.5, when processing NAT66 traffic with Port Block Allocation (PBA) mode and SP-DAG enabled, and dag-ipv6-prefix-len configured with a value less than the default of 128, an undisclosed t...
F5 Big-ip Carrier-grade NatF5 Big-ip Local Traffic Manager
6.8
CVSSv2
CVE-2022-28716
On 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x 11.6.x, a DOM-based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP AFM, CGNAT, and...
F5 Big-ip Advanced Firewall ManagerF5 Big-ip Policy Enforcement ManagerF5 Big-ip Carrier-grade Nat
NA
CVE-2023-41373
A directory traversal vulnerability exists in the BIG-IP Configuration Utility that may allow an authenticated malicious user to execute commands on the BIG-IP system. For BIG-IP system running in Appliance mode, a successful exploit can allow the malicious user to cross a secur...
F5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Application Security ManagerF5 Big-ip Domain Name SystemF5 Big-ip Local Traffic ManagerF5 Big-ip Advanced Web Application FirewallF5 Big-ip AnalyticsF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Visibility And ReportingF5 Big-ip Carrier-grade NatF5 Big-ip Ddos Hybrid DefenderF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Policy Enforcement ManagerF5 Big-ip Ssl OrchestratorF5 Big-ip WebacceleratorF5 Big-ip Websafe
NA
CVE-2023-40537
An authenticated user's session cookie may remain valid for a limited time after logging out from the BIG-IP Configuration utility on a multi-blade VIPRION platform. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Application Security ManagerF5 Big-ip Domain Name SystemF5 Big-ip Local Traffic ManagerF5 Big-ip Advanced Web Application FirewallF5 Big-ip AnalyticsF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Visibility And ReportingF5 Big-ip Carrier-grade NatF5 Big-ip Ddos Hybrid DefenderF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Policy Enforcement ManagerF5 Big-ip Ssl OrchestratorF5 Big-ip WebacceleratorF5 Big-ip Websafe
NA
CVE-2023-43746
When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system. A successful exploit can allow the malicious user to cross a security boundary. Note: So...
F5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Application Security ManagerF5 Big-ip Domain Name SystemF5 Big-ip Local Traffic ManagerF5 Big-ip Advanced Web Application FirewallF5 Big-ip AnalyticsF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Visibility And ReportingF5 Big-ip Carrier-grade NatF5 Big-ip Ddos Hybrid DefenderF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Policy Enforcement ManagerF5 Big-ip Ssl OrchestratorF5 Big-ip WebacceleratorF5 Big-ip Websafe
NA
CVE-2022-41983
On specific hardware platforms, on BIG-IP versions 16.1.x prior to 16.1.3.1, 15.1.x prior to 15.1.7, 14.1.x prior to 14.1.5.1, and all versions of 13.1.x, while Intel QAT (QuickAssist Technology) and the AES-GCM/CCM cipher is in use, undisclosed conditions can cause BIG-IP to sen...
F5 Big-ip AnalyticsF5 Big-ip Link ControllerF5 Big-ip Local Traffic ManagerF5 Big-ip Policy Enforcement ManagerF5 Big-ip Application Security ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Access Policy ManagerF5 Big-ip Domain Name SystemF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip WebsafeF5 Big-ip WebacceleratorF5 Big-ip Ssl OrchestratorF5 Big-ip Edge GatewayF5 Big-ip Ddos Hybrid DefenderF5 Big-ip Carrier-grade NatF5 Big-ip Advanced Web Application FirewallF5 Big-ip Application Visibility And Reporting
NA
CVE-2023-27378
Multiple reflected cross-site scripting (XSS) vulnerabilities exist in undisclosed pages of the BIG-IP Configuration utility which allow an malicious user to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technica...
F5 Big-ip AnalyticsF5 Big-ip Policy Enforcement ManagerF5 Big-ip Local Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Global Traffic ManagerF5 Big-ip Fraud Protection ServiceF5 Big-ip Domain Name SystemF5 Big-ip Application Security ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Access Policy ManagerF5 Big-ip Advanced Web Application FirewallF5 Big-ip Application Visibility And ReportingF5 Big-ip Carrier-grade NatF5 Big-ip Ddos Hybrid DefenderF5 Big-ip Edge GatewayF5 Big-ip Ssl OrchestratorF5 Big-ip WebacceleratorF5 Big-ip Websafe
NA
CVE-2023-38423
A cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an malicious user to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS)...
F5 Big-ip AnalyticsF5 Big-ip Policy Enforcement ManagerF5 Big-ip Local Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Global Traffic ManagerF5 Big-ip Fraud Protection ServiceF5 Big-ip Domain Name SystemF5 Big-ip Application Security ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Access Policy ManagerF5 Big-ip Advanced Web Application FirewallF5 Big-ip Application Visibility And ReportingF5 Big-ip Carrier-grade NatF5 Big-ip Ddos Hybrid DefenderF5 Big-ip Edge GatewayF5 Big-ip Ssl OrchestratorF5 Big-ip WebacceleratorF5 Big-ip Websafe
NA
CVE-2023-38138
A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility which allows an malicious user to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Sup...
F5 Big-ip AnalyticsF5 Big-ip Policy Enforcement ManagerF5 Big-ip Local Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Global Traffic ManagerF5 Big-ip Fraud Protection ServiceF5 Big-ip Domain Name SystemF5 Big-ip Application Security ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Access Policy ManagerF5 Big-ip Advanced Web Application FirewallF5 Big-ip Application Visibility And ReportingF5 Big-ip Carrier-grade NatF5 Big-ip Ddos Hybrid DefenderF5 Big-ip Edge GatewayF5 Big-ip Ssl OrchestratorF5 Big-ip WebacceleratorF5 Big-ip Websafe
NA
CVE-2023-42768
When a non-admin user has been assigned an administrator role via an iControl REST PUT request and later the user's role is reverted back to a non-admin role via the Configuration utility, tmsh, or iControl REST. BIG-IP non-admin user can still have access to iControl REST ...
F5 Big-ip AnalyticsF5 Big-ip Policy Enforcement ManagerF5 Big-ip Local Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Global Traffic ManagerF5 Big-ip Fraud Protection ServiceF5 Big-ip Domain Name SystemF5 Big-ip Application Security ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Access Policy ManagerF5 Big-ip Advanced Web Application FirewallF5 Big-ip Application Visibility And ReportingF5 Big-ip Carrier-grade NatF5 Big-ip Ddos Hybrid DefenderF5 Big-ip Edge GatewayF5 Big-ip Ssl OrchestratorF5 Big-ip WebacceleratorF5 Big-ip Websafe
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook