Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip edge client vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2020-5898
In versions 7.1.5-7.1.9, BIG-IP Edge Client Windows Stonewall driver does not sanitize the pointer received from the userland. A local user on the Windows client system can send crafted DeviceIoControl requests to \\.\urvpndrv device causing the Windows kernel to crash.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
7.8
CVSSv3
CVE-2021-23022
On version 7.2.1.x prior to 7.2.1.3 and 7.1.x prior to 7.1.9.9 Update 1, the BIG-IP Edge Client Windows Installer Service's temporary folder has weak file and folder permissions. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
5.3
CVSSv3
CVE-2022-23032
In all versions prior to 7.2.1.4, when proxy settings are configured in the network access resource of a BIG-IP APM system, connecting BIG-IP Edge Client on Mac and Windows is vulnerable to a DNS rebinding attack. Note: Software versions which have reached End of Technical Suppor...
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
7.5
CVSSv3
CVE-2019-6656
BIG-IP APM Edge Client before version 7.1.8 (7180.2019.508.705) logs the full apm session ID in the log files. Vulnerable versions of the client are bundled with BIG-IP APM versions 15.0.0-15.0.1, 14,1.0-14.1.0.6, 14.0.0-14.0.0.4, 13.0.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5...
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
7.5
CVSSv3
CVE-2019-6629
On BIG-IP 14.1.0-14.1.0.5, undisclosed SSL traffic to a virtual server configured with a Client SSL profile may cause TMM to fail and restart. The Client SSL profile must have session tickets enabled and use DHE cipher suites to be affected. This only impacts the data plane, ther...
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
F5 Big-ip Websafe
9.1
CVSSv3
CVE-2019-6592
On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file when validating SSL certificates in client SSL or server SSL profiles.
F5 Big-ip Access Policy Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
5.3
CVSSv3
CVE-2018-5524
Under certain conditions, on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.6.1 HF2-11.6.3.1, virtual servers configured with Client SSL or Server SSL profiles which make use of network hardware security module (HSM) functionality are exposed and impacted by this issue.
F5 Big-ip Application Acceleration Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Edge Gateway
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
F5 Big-ip Fraud Protection Service
7.5
CVSSv3
CVE-2018-5527
On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods against virtual servers configured with a Client SSL or Server SSL profile that has the SSL Forward Proxy feature enabled can force the Traffic Management Microkernel (tmm) to leak memory. As a result, system ...
F5 Big-ip Application Acceleration Manager
F5 Big-ip Domain Name System
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Security Manager
F5 Big-ip Edge Gateway
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Webaccelerator
F5 Big-ip Websafe
9.8
CVSSv3
CVE-2018-5506
In F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.1, 11.5.1-11.5.5, or 11.2.1 the Apache modules apache_auth_token_mod and mod_auth_f5_auth_token.cpp allow possible unauthenticated bruteforce on the em_server_ip authorization parameter to obtain which SSL client certificates used for mutu...
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Analytics 11.6.1
F5 Big-ip Analytics 11.2.1
F5 Big-ip Analytics 13.0.0
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 11.6.1
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 11.2.1
5.9
CVSSv3
CVE-2019-6593
On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL profile may be vulnerable to a chosen ciphertext attack against CBC ciphers. When exploited, this may result in plaintext recovery of encrypted messages through a man-in-the-middle (MITM) a...
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 11.6.1
F5 Big-ip Access Policy Manager
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Analytics 11.6.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Analytics
F5 Big-ip Application Security Manager 11.6.1
F5 Big-ip Application Security Manager 12.1.0
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System 11.6.1
F5 Big-ip Domain Name System
F5 Big-ip Domain Name System 12.1.0
F5 Big-ip Edge Gateway 12.1.0
F5 Big-ip Edge Gateway 11.6.1
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service 12.1.0
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »