The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x prior to 11.5.4 HF2, 11.6.x prior to 11.6.1, and 12.x prior to 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x prior to 11.5.... A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11... F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x prior to 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 prior to 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x prior to 11.4.... The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, and LTM 11.0.0 prior to 11.6.0, BIG-IP AAM 11.4.0 prior to 11.6.0, BIG-IP AFM and PEM 11.3.0 prior to 11.6.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.0.0 up to and including 11.3.0, BIG-IP PSM 11.0.0 up... In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.0 - 11.5.4, virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable t... The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 prior to 11.5.3 HF2 and 11.6.0 prior to 11.6.0 HF6, BIG-IP AAM 11.4.0 prior to 11.5.3 HF2 and 11.6.0 prior to 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0, BIG-IP GTM 1...