Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
big-ip advanced firewall manager vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-15314
On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a Reflected Cross Site Scripting vulnerability in undisclosed TMUI page.
F5 Big-ip Advanced Firewall Manager
7.5
CVSSv3
CVE-2020-27714
On the BIG-IP AFM version 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.5, when a Protocol Inspection Profile is attached to a FastL4 virtual server with the protocol field configured to either Other or All Protocols, the TMM may experience a restart if the profile processes ...
F5 Big-ip Advanced Firewall Manager
7.5
CVSSv3
CVE-2020-5937
On BIG-IP AFM 15.1.0-15.1.0.5, the Traffic Management Microkernel (TMM) may produce a core file while processing layer 4 (L4) behavioral denial-of-service (DoS) traffic.
F5 Big-ip Advanced Firewall Manager
5.3
CVSSv3
CVE-2020-5950
On BIG-IP 14.1.0-14.1.2.6, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.
F5 Big-ip Advanced Firewall Manager
7.5
CVSSv3
CVE-2022-41806
In versions 16.1.x prior to 16.1.3.2 and 15.1.x prior to 15.1.5.1, when BIG-IP AFM Network Address Translation policy with IPv6/IPv4 translation rules is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization.
F5 Big-ip Advanced Firewall Manager
4.3
CVSSv3
CVE-2020-5920
In versions 15.0.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, a vulnerability in the BIG-IP AFM Configuration utility may allow any authenticated BIG-IP user to perform a read-only blind SQL injection attack.
F5 Big-ip Advanced Firewall Manager
8.8
CVSSv3
CVE-2021-23040
On BIG-IP AFM version 16.0.x prior to 16.0.1.2, 15.1.x prior to 15.1.3, 14.1.x prior to 14.1.4.2, 13.1.x prior to 13.1.4.1, and all versions of 12.1.x, a SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This issue is exposed only when...
F5 Big-ip Advanced Firewall Manager
7.5
CVSSv3
CVE-2022-23024
On BIG-IP AFM version 16.x prior to 16.1.0, 15.1.x prior to 15.1.4.1, 14.1.x prior to 14.1.4.2, and all versions of 13.1.x, when the IPsec application layer gateway (ALG) logging profile is configured on an IPsec ALG virtual server, undisclosed IPsec traffic can cause the Traffic...
F5 Big-ip Advanced Firewall Manager
5.3
CVSSv3
CVE-2022-23028
On BIG-IP AFM version 16.x prior to 16.1.0, 15.1.x prior to 15.1.5, 14.1.x prior to 14.1.4.5, and all versions of 13.1.x, when global AFM SYN cookie protection (TCP Half Open flood vector) is activated in the AFM Device Dos or DOS profile, certain types of TCP connections will fa...
F5 Big-ip Advanced Firewall Manager
8.8
CVSSv3
CVE-2022-28716
On 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x 11.6.x, a DOM-based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP AFM, CGNAT, and...
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Carrier-grade Nat
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »