Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

f5 enterprise manager 3.1.1 vulnerabilities and exploits

(subscribe to this query)
9.4
CVSSv3
CVE-2019-6665
On BIG-IP ASM 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, BIG-IQ 6.0.0 and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, an attacker with access to the device communication between the BIG-IP ASM Central Policy Builder and the BIG-IQ/Enterprise...
F5 Big-ip Application Security ManagerF5 Big-iq Centralized ManagementF5 Big-iq Centralized Management 6.0.0F5 Enterprise Manager 3.1.1F5 Iworkflow 2.3.0
4.4
CVSSv3
CVE-2018-5540
On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.1.0-2.3.0 the big3d process does not irrevocably minimize group privileges ...
F5 Big-ip Domain Name SystemF5 Big-ip Global Traffic ManagerF5 Enterprise Manager 3.1.1F5 Big-iq Centralized ManagementF5 Big-iq Cloud And Orchestration 1.0.0F5 F5 Iworkflow
NA
CVE-2015-4040
Directory traversal vulnerability in the configuration utility in F5 BIG-IP prior to 12.0.0 and Enterprise Manager 3.0.0 up to and including 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors.
F5 Enterprise Manager 3.1.1F5 Enterprise Manager 3.0.0F5 Enterprise Manager 3.1.0F5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Advanced Firewall ManagerF5 Big-ip AnalyticsF5 Big-ip WebacceleratorF5 Big-ip Wan Optimization ManagerF5 Big-ip Access Policy ManagerF5 Big-ip Application Security ManagerF5 Big-ip Edge GatewayF5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Policy Enforcement ManagerF5 Big-ip Protocol Security Module
7.2
CVSSv3
CVE-2018-15329
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed command...
F5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip AnalyticsF5 Big-ip Access Policy ManagerF5 Big-ip Application Security ManagerF5 Big-ip Domain Name SystemF5 Big-ip Edge GatewayF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Policy Enforcement ManagerF5 Big-ip WebacceleratorF5 Enterprise Manager 3.1.1
7.2
CVSSv3
CVE-2019-6597
In BIG-IP 13.0.0-13.1.1.1, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8 or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on a...
F5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip AnalyticsF5 Big-ip Access Policy ManagerF5 Big-ip Application Security ManagerF5 Big-ip Domain Name SystemF5 Big-ip Edge GatewayF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Policy Enforcement ManagerF5 Big-ip WebacceleratorF5 Enterprise Manager 3.1.1
4.3
CVSSv3
CVE-2019-6598
In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.1-11.6.3.2, or 11.5.1-11.5.8 or Enterprise Manager 3.1.1, malformed requests to the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, may lead to disruption of TMUI ser...
F5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip AnalyticsF5 Big-ip Access Policy ManagerF5 Big-ip Application Security ManagerF5 Big-ip Domain Name SystemF5 Big-ip Edge GatewayF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Policy Enforcement ManagerF5 Big-ip WebacceleratorF5 Enterprise Manager 3.1.1
7.2
CVSSv3
CVE-2018-15327
In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1 or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforc...
F5 Big-ip Local Traffic ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip AnalyticsF5 Big-ip Access Policy ManagerF5 Big-ip Protocol Security ModuleF5 Big-ip Domain Name SystemF5 Big-ip Edge GatewayF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Policy Enforcement ManagerF5 Big-ip WebacceleratorF5 Enterprise Manager 3.1.1
5.9
CVSSv3
CVE-2020-5854
On BIG-IP 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.0-11.6.5.1, the tmm crashes under certain circumstances when using the connector profile if a specific sequence of connections are made.
F5 Enterprise Manager 3.1.1F5 Traffix Signaling Delivery ControllerF5 Big-iq Centralized ManagementF5 Iworkflow 2.3.0F5 Big-iq Centralized Management 7.0.0F5 Big-ip Access Policy ManagerF5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip AnalyticsF5 Big-ip Application Security ManagerF5 Big-ip Edge GatewayF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip WebacceleratorF5 Big-ip Policy Enforcement ManagerF5 Big-ip Domain Name System
5.5
CVSSv3
CVE-2019-19151
On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Manager version 3.1.1, authenticated users granted TMOS Shell (tmsh) privileges are...
F5 Big-iq Centralized ManagementF5 Big-iq Centralized Management 7.0.0F5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip AnalyticsF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Security ManagerF5 Big-ip Domain Name SystemF5 Big-ip Edge GatewayF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Local Traffic ManagerF5 Big-ip Policy Enforcement ManagerF5 Big-ip WebacceleratorF5 Enterprise Manager 3.1.1F5 Iworkflow 2.3.0
5.5
CVSSv3
CVE-2019-6663
The BIG-IP 15.0.0-15.0.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1 configuration utility is vulnerable to Anti DNS Pinning (DNS Rebinding) attack.
F5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip AnalyticsF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Security ManagerF5 Big-ip Domain Name SystemF5 Big-ip Edge GatewayF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Local Traffic ManagerF5 Big-ip Policy Enforcement ManagerF5 Big-ip WebacceleratorF5 Big-iq Centralized ManagementF5 Big-iq Centralized Management 7.0.0F5 Enterprise Manager 3.1.1F5 Iworkflow 2.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook