Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip access policy manager 13.1.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-6661
When the BIG-IP APM 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.4.1, or 11.5.1-11.6.5 system processes certain requests, the APD/APMD daemon may consume excessive resources.
F5 Big-ip Access Policy Manager
5.5
CVSSv3
CVE-2019-6663
The BIG-IP 15.0.0-15.0.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5.1, BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1 configuration utility is vulnerable to Anti DNS Pinning (DNS Rebinding) attack.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
F5 Big-iq Centralized Management
F5 Big-iq Centralized Management 7.0.0
F5 Enterprise Manager 3.1.1
F5 Iworkflow 2.3.0
6.5
CVSSv3
CVE-2019-6662
On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
6.1
CVSSv3
CVE-2019-6657
On BIG-IP 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the BIG-IP Configuration utility.
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Edge Gateway
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
F5 Big-ip Application Security Manager
7.5
CVSSv3
CVE-2019-6656
BIG-IP APM Edge Client before version 7.1.8 (7180.2019.508.705) logs the full apm session ID in the log files. Vulnerable versions of the client are bundled with BIG-IP APM versions 15.0.0-15.0.1, 14,1.0-14.1.0.6, 14.0.0-14.0.0.4, 13.0.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5...
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
5.9
CVSSv3
CVE-2018-15311
When F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.5.1-11.5.6 is processing specially crafted TCP traffic with the Large Receive Offload (LRO) feature enabled, TMM may crash, leading to a failover event. This vulnerability is not exposed unless LRO is enabled...
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
7.5
CVSSv3
CVE-2018-5549
On BIG-IP APM 11.6.0-11.6.3.1, 12.1.0-12.1.3.3, 13.0.0, and 13.1.0-13.1.0.3, APMD may core when processing SAML Assertion or response containing certain elements.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 13.0.0
7.5
CVSSv3
CVE-2018-5534
Under certain conditions on F5 BIG-IP 13.1.0-13.1.0.5, 13.0.0, 12.1.0-12.1.3.1, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic.
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 13.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 13.0.0
F5 Big-ip Domain Name System
F5 Big-ip Domain Name System 13.0.0
F5 Big-ip Edge Gateway 13.0.0
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Fraud Protection Service 13.0.0
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 13.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 13.0.0
7.5
CVSSv3
CVE-2018-5535
On F5 BIG-IP 14.0.0, 13.0.0-13.1.0, 12.1.0-12.1.3, or 11.5.1-11.6.3 specifically crafted HTTP responses, when processed by a Virtual Server with an associated QoE profile that has Video enabled, may cause TMM to incorrectly buffer response data causing the TMM to restart resultin...
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 14.0.0
F5 Big-ip Application Acceleration Manager 14.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager 14.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Analytics 14.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 14.0.0
F5 Big-ip Domain Name System 14.0.0
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway 14.0.0
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Fraud Protection Service 14.0.0
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 14.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 14.0.0
7.5
CVSSv3
CVE-2018-5527
On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods against virtual servers configured with a Client SSL or Server SSL profile that has the SSL Forward Proxy feature enabled can force the Traffic Management Microkernel (tmm) to leak memory. As a result, system ...
F5 Big-ip Application Acceleration Manager
F5 Big-ip Domain Name System
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Security Manager
F5 Big-ip Edge Gateway
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Webaccelerator
F5 Big-ip Websafe
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »