Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip access policy manager 16.1.1 vulnerabilities and exploits
(subscribe to this query)
7.7
CVSSv3
CVE-2022-31473
In BIG-IP Versions 16.1.x prior to 16.1.1 and 15.1.x prior to 15.1.4, when running in Appliance mode, an authenticated attacker may be able to bypass Appliance mode restrictions due to a directory traversal vulnerability in an undisclosed page within iApps. A successful exploit c...
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 16.1.0
4.3
CVSSv3
CVE-2022-1389
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP (fixed in 17.0.0), a cross-site request forgery (CSRF) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This vulnerability allows an malicious user to run a limited ...
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Global Traffic Manager 11.6.1
F5 Big-ip Domain Name System 12.1.2
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Policy Enforcement Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.2
F5 Big-ip Application Security Manager 12.1.1
F5 Big-ip Local Traffic Manager 12.1.0
F5 Big-ip Analytics 11.6.1
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Link Controller 12.1.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Link Controller 12.1.0
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Link Controller 11.6.1
F5 Big-ip Link Controller 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.1
4.3
CVSSv3
CVE-2022-1468
On all versions of 17.0.x, 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x on F5 BIG-IP, an authenticated iControl REST user with at least guest role privileges can cause processing delays to iControl REST requests via undisclosed requests. Note: Software versions which have r...
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Global Traffic Manager 11.6.1
F5 Big-ip Domain Name System 12.1.2
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Policy Enforcement Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.2
F5 Big-ip Application Security Manager 12.1.1
F5 Big-ip Local Traffic Manager 12.1.0
F5 Big-ip Analytics 11.6.1
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Link Controller 12.1.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Link Controller 12.1.0
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Link Controller 11.6.1
F5 Big-ip Link Controller 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.1
4.3
CVSSv3
CVE-2022-27659
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, and 14.1.x versions before 14.1.4.6, an authenticated attacker can modify or delete Dashboards created by other BIG-IP users in the Traffic Management User Interface (TMUI). Note: Software versions whi...
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Advanced Firewall Manager 14.1.0
F5 Big-ip Application Acceleration Manager 14.1.0
F5 Big-ip Link Controller 14.1.0
F5 Big-ip Policy Enforcement Manager 14.1.0
F5 Big-ip Local Traffic Manager 14.1.0
F5 Big-ip Analytics 14.1.0
F5 Big-ip Application Security Manager 14.1.0
F5 Big-ip Domain Name System 14.1.0
F5 Big-ip Global Traffic Manager 14.1.0
F5 Big-ip Fraud Protection Service 14.1.0
F5 Big-ip Application Acceleration Manager 15.1.0
F5 Big-ip Local Traffic Manager 15.1.0
F5 Big-ip Advanced Firewall Manager 15.1.0
F5 Big-ip Policy Enforcement Manager 15.1.0
F5 Big-ip Link Controller 15.1.0
F5 Big-ip Global Traffic Manager 15.1.0
F5 Big-ip Fraud Protection Service 15.1.0
F5 Big-ip Domain Name System 15.1.0
F5 Big-ip Application Security Manager 15.1.0
F5 Big-ip Access Policy Manager 15.1.0
F5 Big-ip Analytics 15.1.0
6.8
CVSSv3
CVE-2022-27878
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP, and F5 BIG-IP Guided Configuration (GC) all versions before 9.0, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an ...
F5 Big-ip Local Traffic Manager 13.1.0
F5 Big-ip Application Acceleration Manager 13.1.0
F5 Big-ip Advanced Firewall Manager 13.1.0
F5 Big-ip Analytics 13.1.0
F5 Big-ip Access Policy Manager 13.1.0
F5 Big-ip Application Security Manager 13.1.0
F5 Big-ip Global Traffic Manager 13.1.0
F5 Big-ip Link Controller 13.1.0
F5 Big-ip Policy Enforcement Manager 13.1.0
F5 Big-ip Domain Name System 13.1.0
F5 Big-ip Fraud Protection Service 13.1.0
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Advanced Firewall Manager 14.1.0
F5 Big-ip Application Acceleration Manager 14.1.0
F5 Big-ip Link Controller 14.1.0
F5 Big-ip Policy Enforcement Manager 14.1.0
F5 Big-ip Local Traffic Manager 14.1.0
F5 Big-ip Analytics 14.1.0
F5 Big-ip Application Security Manager 14.1.0
F5 Big-ip Domain Name System 14.1.0
F5 Big-ip Global Traffic Manager 14.1.0
F5 Big-ip Fraud Protection Service 14.1.0
6.1
CVSSv3
CVE-2022-27230
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP APM, and F5 BIG-IP Guided Configuration (GC) all versions before 9.0, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of F5 BIG-IP Guided Configuration that allow...
F5 Big-ip Access Policy Manager 13.1.0
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Access Policy Manager 15.1.0
F5 Big-ip Access Policy Manager 14.1.4
F5 Big-ip Access Policy Manager 16.1.0
F5 Big-ip Access Policy Manager 16.1.2
F5 Big-ip Access Policy Manager 16.1.1
F5 Big-ip Access Policy Manager 15.1.5
F5 Big-ip Access Policy Manager 15.1.4
F5 Big-ip Access Policy Manager 15.1.3
F5 Big-ip Access Policy Manager 15.1.2
F5 Big-ip Access Policy Manager 15.1.1
F5 Big-ip Access Policy Manager 14.1.3
F5 Big-ip Access Policy Manager 14.1.2
F5 Big-ip Access Policy Manager 13.1.5
F5 Big-ip Access Policy Manager 13.1.4
F5 Big-ip Access Policy Manager 13.1.3
F5 Big-ip Access Policy Manager 13.1.1
F5 Big-ip Guided Configuration
7.5
CVSSv3
CVE-2022-26071
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, a flaw in the way reply ICMP packets are limited in the Traffic Management Microkernel (TMM) allow...
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Global Traffic Manager 11.6.1
F5 Big-ip Domain Name System 12.1.2
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Policy Enforcement Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.2
F5 Big-ip Application Security Manager 12.1.1
F5 Big-ip Local Traffic Manager 12.1.0
F5 Big-ip Analytics 11.6.1
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Link Controller 12.1.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Link Controller 12.1.0
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Link Controller 11.6.1
F5 Big-ip Link Controller 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.1
5.3
CVSSv3
CVE-2022-26130
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, and 13.1.x versions before 13.1.5, when an Active mode-enabled FTP profile is configured on a virtual server, undisclosed traffic can cause the virtual server to stop p...
F5 Big-ip Local Traffic Manager 13.1.0
F5 Big-ip Application Acceleration Manager 13.1.0
F5 Big-ip Advanced Firewall Manager 13.1.0
F5 Big-ip Analytics 13.1.0
F5 Big-ip Access Policy Manager 13.1.0
F5 Big-ip Application Security Manager 13.1.0
F5 Big-ip Global Traffic Manager 13.1.0
F5 Big-ip Link Controller 13.1.0
F5 Big-ip Policy Enforcement Manager 13.1.0
F5 Big-ip Domain Name System 13.1.0
F5 Big-ip Fraud Protection Service 13.1.0
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Advanced Firewall Manager 14.1.0
F5 Big-ip Application Acceleration Manager 14.1.0
F5 Big-ip Link Controller 14.1.0
F5 Big-ip Policy Enforcement Manager 14.1.0
F5 Big-ip Local Traffic Manager 14.1.0
F5 Big-ip Analytics 14.1.0
F5 Big-ip Application Security Manager 14.1.0
F5 Big-ip Domain Name System 14.1.0
F5 Big-ip Global Traffic Manager 14.1.0
F5 Big-ip Fraud Protection Service 14.1.0
7.5
CVSSv3
CVE-2022-28691
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5, 14.1.x versions before 14.1.4.6, and 13.1.x versions before 13.1.5, when a Real Time Streaming Protocol (RTSP) profile is configured on a virtual server, undisclosed traffic can cause an increase in Traf...
F5 Big-ip Local Traffic Manager 13.1.0
F5 Big-ip Application Acceleration Manager 13.1.0
F5 Big-ip Advanced Firewall Manager 13.1.0
F5 Big-ip Analytics 13.1.0
F5 Big-ip Access Policy Manager 13.1.0
F5 Big-ip Application Security Manager 13.1.0
F5 Big-ip Global Traffic Manager 13.1.0
F5 Big-ip Link Controller 13.1.0
F5 Big-ip Policy Enforcement Manager 13.1.0
F5 Big-ip Domain Name System 13.1.0
F5 Big-ip Fraud Protection Service 13.1.0
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Advanced Firewall Manager 14.1.0
F5 Big-ip Application Acceleration Manager 14.1.0
F5 Big-ip Link Controller 14.1.0
F5 Big-ip Policy Enforcement Manager 14.1.0
F5 Big-ip Local Traffic Manager 14.1.0
F5 Big-ip Analytics 14.1.0
F5 Big-ip Application Security Manager 14.1.0
F5 Big-ip Domain Name System 14.1.0
F5 Big-ip Global Traffic Manager 14.1.0
F5 Big-ip Fraud Protection Service 14.1.0
7.5
CVSSv3
CVE-2022-28706
On F5 BIG-IP 16.1.x versions before 16.1.2 and 15.1.x versions before 15.1.5.1, when the DNS resolver configuration is used, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (...
F5 Big-ip Application Acceleration Manager 15.1.0
F5 Big-ip Local Traffic Manager 15.1.0
F5 Big-ip Advanced Firewall Manager 15.1.0
F5 Big-ip Policy Enforcement Manager 15.1.0
F5 Big-ip Link Controller 15.1.0
F5 Big-ip Global Traffic Manager 15.1.0
F5 Big-ip Fraud Protection Service 15.1.0
F5 Big-ip Domain Name System 15.1.0
F5 Big-ip Application Security Manager 15.1.0
F5 Big-ip Access Policy Manager 15.1.0
F5 Big-ip Analytics 15.1.0
F5 Big-ip Application Acceleration Manager 16.1.0
F5 Big-ip Access Policy Manager 16.1.0
F5 Big-ip Advanced Firewall Manager 16.1.0
F5 Big-ip Application Security Manager 16.1.0
F5 Big-ip Domain Name System 16.1.0
F5 Big-ip Fraud Protection Service 16.1.0
F5 Big-ip Global Traffic Manager 16.1.0
F5 Big-ip Link Controller 16.1.0
F5 Big-ip Local Traffic Manager 16.1.0
F5 Big-ip Policy Enforcement Manager 16.1.0
F5 Big-ip Advanced Firewall Manager 16.1.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »