Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip access policy manager vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-5536
A remote attacker via undisclosed measures, may be able to exploit an F5 BIG-IP APM 13.0.0-13.1.0.7 or 12.1.0-12.1.3.5 virtual server configured with an APM per-request policy object and cause a memory leak in the APM module.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.0.0
5
CVSSv2
CVE-2018-5549
On BIG-IP APM 11.6.0-11.6.3.1, 12.1.0-12.1.3.3, 13.0.0, and 13.1.0-13.1.0.3, APMD may core when processing SAML Assertion or response containing certain elements.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 13.0.0
5
CVSSv2
CVE-2022-23032
In all versions prior to 7.2.1.4, when proxy settings are configured in the network access resource of a BIG-IP APM system, connecting BIG-IP Edge Client on Mac and Windows is vulnerable to a DNS rebinding attack. Note: Software versions which have reached End of Technical Suppor...
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
6.8
CVSSv2
CVE-2020-5897
In versions 7.1.5-7.1.9, there is use-after-free memory vulnerability in the BIG-IP Edge Client Windows ActiveX component.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
4.9
CVSSv2
CVE-2020-5898
In versions 7.1.5-7.1.9, BIG-IP Edge Client Windows Stonewall driver does not sanitize the pointer received from the userland. A local user on the Windows client system can send crafted DeviceIoControl requests to \\.\urvpndrv device causing the Windows kernel to crash.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
7.2
CVSSv2
CVE-2021-23022
On version 7.2.1.x prior to 7.2.1.3 and 7.1.x prior to 7.1.9.9 Update 1, the BIG-IP Edge Client Windows Installer Service's temporary folder has weak file and folder permissions. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
NA
CVE-2022-31473
In BIG-IP Versions 16.1.x prior to 16.1.1 and 15.1.x prior to 15.1.4, when running in Appliance mode, an authenticated attacker may be able to bypass Appliance mode restrictions due to a directory traversal vulnerability in an undisclosed page within iApps. A successful exploit c...
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 16.1.0
4.3
CVSSv2
CVE-2020-5893
In versions 7.1.5-7.1.8, when a user connects to a VPN using BIG-IP Edge Client over an unsecure network, BIG-IP Edge Client responds to authentication requests over HTTP while sending probes for captive portal detection.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
4.6
CVSSv2
CVE-2020-5896
On versions 7.1.5-7.1.9, the BIG-IP Edge Client's Windows Installer Service's temporary folder has weak file and folder permissions.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
5
CVSSv2
CVE-2019-6596
In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, 12.1.0-12.1.3.6, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, when processing fragmented ClientHello messages in a DTLS session TMM may corrupt memory eventually leading to a crash. Only systems offering DTLS connections via APM are impacted.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »