Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip advanced web application firewall 16.0.1.1 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2021-22993
On BIG-IP Advanced WAF and BIG-IP ASM versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2, 14.1.x prior to 14.1.3.1, 13.1.x prior to 13.1.3.6, and 12.1.x prior to 12.1.5.3, DOM-based XSS on DoS Profile properties page. Note: Software versions which have reached End of Softw...
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Application Security Manager
6.8
CVSSv2
CVE-2021-22991
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, and 12.1.x prior to 12.1.5.3, undisclosed requests to a virtual server may be incorrectly handled by the Traffic Management Microkernel (TMM) URI normalization...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Ddos Hybrid Defender
F5 Ssl Orchestrator
1 Article
5
CVSSv2
CVE-2021-23004
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2, 14.1.x prior to 14.1.3.1, 13.1.x prior to 13.1.3.6, 12.1.x prior to 12.1.5.3, and 11.6.x prior to 11.6.5.3, Multipath TCP (MPTCP) forwarding flows may be created on standard virtual servers without MPTCP enabled...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Ddos Hybrid Defender
F5 Ssl Orchestrator
9
CVSSv2
CVE-2021-22990
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, 12.1.x prior to 12.1.5.3, and 11.6.x prior to 11.6.5.3, on systems with Advanced WAF or BIG-IP ASM provisioned, the Traffic Management User Interface (TMUI), a...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Ddos Hybrid Defender
F5 Ssl Orchestrator
1 Article
9.3
CVSSv2
CVE-2021-22992
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, 12.1.x prior to 12.1.5.3, and 11.6.x prior to 11.6.5.3, a malicious HTTP response to an Advanced WAF/BIG-IP ASM virtual server with Login Page configured in it...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Ddos Hybrid Defender
F5 Ssl Orchestrator
1 Article
9
CVSSv2
CVE-2021-22989
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, 12.1.x prior to 12.1.5.3, and 11.6.x prior to 11.6.5.3, when running in Appliance mode with Advanced WAF or BIG-IP ASM provisioned, the TMUI, also referred to ...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Ddos Hybrid Defender
F5 Ssl Orchestrator
1 Article
9
CVSSv2
CVE-2021-22987
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, 12.1.x prior to 12.1.5.3, and 11.6.x prior to 11.6.5.3 when running in Appliance mode, the Traffic Management User Interface (TMUI), also referred to as the Co...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Ddos Hybrid Defender
F5 Ssl Orchestrator
1 Article
9
CVSSv2
CVE-2021-22988
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, 12.1.x prior to 12.1.5.3, and 11.6.x prior to 11.6.5.3, TMUI, also referred to as the Configuration utility, has an authenticated remote command execution vuln...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Ddos Hybrid Defender
F5 Ssl Orchestrator
1 Article
10
CVSSv2
CVE-2021-22986
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, and 12.1.x prior to 12.1.5.3 amd BIG-IQ 7.1.0.x prior to 7.1.0.3 and 7.0.0.x prior to 7.0.0.2, the iControl REST interface has an unauthenticated remote comman...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Ddos Hybrid Defender
F5 Ssl Orchestrator
F5 Big-iq Centralized Management
1 Metasploit module
24 Github repositories
2 Articles
5
CVSSv2
CVE-2021-22976
On BIG-IP Advanced WAF and ASM version 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2, 14.1.x prior to 14.1.3.1, 13.1.x prior to 13.1.3.6, and all 12.1.x versions, when the BIG-IP ASM system processes WebSocket requests with JSON payloads, an unusually large number of parameter...
F5 Big-ip Application Security Manager
F5 Big-ip Advanced Web Application Firewall
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »