Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

f5 enterprise manager vulnerabilities and exploits

(subscribe to this query)
4
CVSSv2
CVE-2015-4040
Directory traversal vulnerability in the configuration utility in F5 BIG-IP prior to 12.0.0 and Enterprise Manager 3.0.0 up to and including 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors.
F5 Enterprise Manager 3.1.1F5 Enterprise Manager 3.0.0F5 Enterprise Manager 3.1.0F5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Advanced Firewall ManagerF5 Big-ip AnalyticsF5 Big-ip WebacceleratorF5 Big-ip Wan Optimization ManagerF5 Big-ip Access Policy ManagerF5 Big-ip Application Security ManagerF5 Big-ip Edge GatewayF5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Policy Enforcement ManagerF5 Big-ip Protocol Security Module
6.4
CVSSv2
CVE-2011-3188
The (1) IPv4 and (2) IPv6 implementations in the Linux kernel prior to 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote malicious users to cause a denial of service (disrupted networking) or hijack ...
Linux Linux KernelRedhat Enterprise Linux 4.0F5 Enterprise Manager 3.0.0F5 Firepass 7.0.0F5 Big-ip Local Traffic ManagerF5 Big-ip Access Policy ManagerF5 Big-ip Edge GatewayF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip WebacceleratorF5 Big-ip Wan Optimization ManagerF5 Big-ip Protocol Security ModuleF5 Big-ip Application Security ManagerF5 FirepassF5 ArxF5 Enterprise ManagerF5 Big-ip Analytics
7.5
CVSSv2
CVE-2019-6665
On BIG-IP ASM 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, BIG-IQ 6.0.0 and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, an attacker with access to the device communication between the BIG-IP ASM Central Policy Builder and the BIG-IQ/Enterprise...
F5 Big-ip Application Security ManagerF5 Big-iq Centralized ManagementF5 Big-iq Centralized Management 6.0.0F5 Enterprise Manager 3.1.1F5 Iworkflow 2.3.0
9
CVSSv2
CVE-2012-3163
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and previous versions, and 5.5.26 and previous versions, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
Oracle MysqlMariadb MariadbCanonical Ubuntu Linux 11.10Canonical Ubuntu Linux 12.10Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 12.04Debian Debian Linux 7.0Debian Debian Linux 6.0Redhat Enterprise Linux Desktop 6.0Redhat Enterprise Linux Server 6.0Redhat Enterprise Linux Workstation 6.0Redhat Enterprise Linux Eus 6.3F5 Big-ip Advanced Firewall Manager 11.3.0F5 Big-ip Policy Enforcement Manager 11.3.0F5 Big-ip Local Traffic ManagerF5 Big-ip Access Policy ManagerF5 Big-ip Edge GatewayF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip WebacceleratorF5 Big-ip Enterprise ManagerF5 Big-ip Protocol Security Module
7.8
CVSSv2
CVE-2019-11477
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kern...
Linux Linux KernelF5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Firewall Manager 15.0.0F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager 15.0.0F5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 15.0.0F5 Big-ip Link ControllerF5 Big-ip Link Controller 15.0.0F5 Big-ip Policy Enforcement ManagerF5 Big-ip Policy Enforcement Manager 15.0.0F5 Big-ip WebacceleratorF5 Big-ip Webaccelerator 15.0.0F5 Big-ip Application Security ManagerF5 Big-ip Application Security Manager 15.0.0F5 Big-ip Local Traffic ManagerF5 Big-ip Local Traffic Manager 15.0.0F5 Big-ip Fraud Protection ServiceF5 Big-ip Fraud Protection Service 15.0.0F5 Big-ip Global Traffic ManagerF5 Big-ip Global Traffic Manager 15.0.0F5 Big-ip Analytics
5
CVSSv2
CVE-2019-11478
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fi...
Linux Linux KernelF5 Big-ip Advanced Firewall ManagerF5 Big-ip Advanced Firewall Manager 15.0.0F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager 15.0.0F5 Big-ip Application Acceleration ManagerF5 Big-ip Application Acceleration Manager 15.0.0F5 Big-ip Link ControllerF5 Big-ip Link Controller 15.0.0F5 Big-ip Policy Enforcement ManagerF5 Big-ip Policy Enforcement Manager 15.0.0F5 Big-ip WebacceleratorF5 Big-ip Webaccelerator 15.0.0F5 Big-ip Application Security ManagerF5 Big-ip Application Security Manager 15.0.0F5 Big-ip Local Traffic ManagerF5 Big-ip Local Traffic Manager 15.0.0F5 Big-ip Fraud Protection ServiceF5 Big-ip Fraud Protection Service 15.0.0F5 Big-ip Global Traffic ManagerF5 Big-ip Global Traffic Manager 15.0.0F5 Big-ip Analytics
2.1
CVSSv2
CVE-2018-5540
On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.1.0-2.3.0 the big3d process does not irrevocably minimize group privileges ...
F5 Big-ip Domain Name SystemF5 Big-ip Global Traffic ManagerF5 Enterprise Manager 3.1.1F5 Big-iq Centralized ManagementF5 Big-iq Cloud And Orchestration 1.0.0F5 F5 Iworkflow
6.8
CVSSv2
CVE-2019-6974
In the Linux kernel prior to 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
Linux Linux KernelDebian Debian Linux 8.0Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 18.10F5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip AnalyticsF5 Big-ip Access Policy ManagerF5 Big-ip Application Security ManagerF5 Big-ip Edge GatewayF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Policy Enforcement ManagerF5 Big-ip WebacceleratorRedhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux 7.0
6.5
CVSSv2
CVE-2018-15329
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed command...
F5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip AnalyticsF5 Big-ip Access Policy ManagerF5 Big-ip Application Security ManagerF5 Big-ip Domain Name SystemF5 Big-ip Edge GatewayF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Policy Enforcement ManagerF5 Big-ip WebacceleratorF5 Enterprise Manager 3.1.1
6.5
CVSSv2
CVE-2019-6597
In BIG-IP 13.0.0-13.1.1.1, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8 or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on a...
F5 Big-ip Local Traffic ManagerF5 Big-ip Application Acceleration ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip AnalyticsF5 Big-ip Access Policy ManagerF5 Big-ip Application Security ManagerF5 Big-ip Domain Name SystemF5 Big-ip Edge GatewayF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Policy Enforcement ManagerF5 Big-ip WebacceleratorF5 Enterprise Manager 3.1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook