Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip local traffic manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-41787
In BIG-IP versions 17.0.x prior to 17.0.0.1, 16.1.x prior to 16.1.3.1, 15.1.x prior to 15.1.6.1, 14.1.x prior to 14.1.5.1, and 13.1.x prior to 13.1.5.1, when DNS profile is configured on a virtual server with DNS Express enabled, undisclosed DNS queries with DNSSEC can cause TMM ...
F5 Big-ip Local Traffic Manager
F5 Big-ip Domain Name System
NA
CVE-2023-41253
When on BIG-IP DNS or BIG-IP LTM enabled with DNS Services License, and a TSIG key is created, it is logged in plaintext in the audit log. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-ip Domain Name System
F5 Big-ip Local Traffic Manager
383
VMScore
CVE-2020-27720
On BIG-IP LTM/CGNAT version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.5, when processing NAT66 traffic with Port Block Allocation (PBA) mode and SP-DAG enabled, and dag-ipv6-prefix-len configured with a value less than the default of 128, an undisclosed t...
F5 Big-ip Carrier-grade Nat
F5 Big-ip Local Traffic Manager
356
VMScore
CVE-2022-26340
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, and F5 BIG-IQ Centralized Management all versions of 8.x and 7.x, an authenticated, high-privilege...
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Global Traffic Manager 11.6.1
F5 Big-ip Domain Name System 12.1.2
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Policy Enforcement Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.2
F5 Big-ip Application Security Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Advanced Firewall Manager 12.1.1
F5 Big-ip Analytics 11.6.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Analytics 12.1.2
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Application Acceleration Manager 12.1.2
F5 Big-ip Application Security Manager 11.6.1
445
VMScore
CVE-2019-6612
On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, DNS query TCP connections that are aborted before receiving a response from a DNS cache may cause TMM to restart.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Application Security Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Global Traffic Manager
F5 Big-ip Domain Name System
383
VMScore
CVE-2022-1389
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP (fixed in 17.0.0), a cross-site request forgery (CSRF) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This vulnerability allows an malicious user to run a limited ...
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Global Traffic Manager 11.6.1
F5 Big-ip Domain Name System 12.1.2
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Policy Enforcement Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.2
F5 Big-ip Application Security Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Advanced Firewall Manager 12.1.1
F5 Big-ip Analytics 11.6.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Analytics 12.1.2
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Application Acceleration Manager 12.1.2
F5 Big-ip Application Security Manager 11.6.1
356
VMScore
CVE-2022-29474
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, a directory traversal vulnerability exists in iControl SOAP that allows an authenticated attacker ...
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Global Traffic Manager 11.6.1
F5 Big-ip Domain Name System 12.1.2
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Policy Enforcement Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.2
F5 Big-ip Application Security Manager 12.1.1
F5 Big-ip Advanced Firewall Manager 12.1.1
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Analytics 12.1.2
F5 Big-ip Analytics 12.1.0
F5 Big-ip Analytics 11.6.1
F5 Big-ip Application Security Manager 12.1.0
F5 Big-ip Application Security Manager 11.6.1
F5 Big-ip Application Acceleration Manager 12.1.2
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Application Acceleration Manager 12.1.0
445
VMScore
CVE-2022-29480
On F5 BIG-IP 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, when multiple route domains are configured, undisclosed requests to big3d can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support (EoT...
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Global Traffic Manager 11.6.1
F5 Big-ip Domain Name System 12.1.2
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Policy Enforcement Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.2
F5 Big-ip Application Security Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Advanced Firewall Manager 12.1.1
F5 Big-ip Analytics 11.6.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Analytics 12.1.2
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Application Acceleration Manager 12.1.2
F5 Big-ip Application Security Manager 11.6.1
356
VMScore
CVE-2022-1468
On all versions of 17.0.x, 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x on F5 BIG-IP, an authenticated iControl REST user with at least guest role privileges can cause processing delays to iControl REST requests via undisclosed requests. Note: Software versions which have r...
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Global Traffic Manager 11.6.1
F5 Big-ip Domain Name System 12.1.2
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Policy Enforcement Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.2
F5 Big-ip Application Security Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Advanced Firewall Manager 12.1.1
F5 Big-ip Analytics 11.6.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Analytics 12.1.2
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Application Acceleration Manager 12.1.2
F5 Big-ip Application Security Manager 11.6.1
445
VMScore
CVE-2022-26071
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, a flaw in the way reply ICMP packets are limited in the Traffic Management Microkernel (TMM) allow...
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Global Traffic Manager 11.6.1
F5 Big-ip Domain Name System 12.1.2
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Policy Enforcement Manager 12.1.2
F5 Big-ip Advanced Firewall Manager 12.1.2
F5 Big-ip Application Security Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Advanced Firewall Manager 12.1.1
F5 Big-ip Analytics 11.6.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Analytics 12.1.2
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Application Acceleration Manager 12.1.2
F5 Big-ip Application Security Manager 11.6.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »