F5 BIG-IP Access Policy Manager 12.1.1 vulnerabilities and exploits
CVSSv3 score: 6.1
CVE-2016-9257
In F5 BIG-IP APM 12.0.0 up to and including 12.1.2, non-authenticated users may be able to inject JavaScript into a request that will then be rendered and executed in the context of the Administrative user when the Administrative user is viewing the Access System Logs, allowing t...
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.0.0
F5 Big-ip Access Policy Manager 12.1.1
CVSSv3 score: 5.3
CVE-2017-0302
In F5 BIG-IP APM 12.0.0 up to and including 12.1.2 and 13.0.0, an authenticated user with an established access session to the BIG-IP APM system may be able to cause a traffic disruption if the length of the requested URL is less than 16 characters.
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.0.0
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.2
CVSSv3 score: 5.3
CVE-2016-7467
The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider (SP) connector, might allow traffic to be disrupted or failover initiated when a malformed, signed SAML authenticatio...
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.0.0
F5 Big-ip Access Policy Manager 11.6.0
F5 Big-ip Access Policy Manager 11.5.4
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 11.6.1
CVSSv3 score: 7.5
CVE-2016-9252
The Traffic Management Microkernel (TMM) in F5 BIG-IP prior to 11.5.4 HF3, 11.6.x prior to 11.6.1 HF2 and 12.x prior to 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote malicious users to cause a denial-of-service (DoS) through unspecified ve...
F5 Big-ip Local Traffic Manager 11.4.1
F5 Big-ip Local Traffic Manager 11.5.0
F5 Big-ip Local Traffic Manager 12.0.0
F5 Big-ip Local Traffic Manager 12.1.0
F5 Big-ip Local Traffic Manager 10.2.3
F5 Big-ip Local Traffic Manager 10.2.4
F5 Big-ip Local Traffic Manager 10.2.1
F5 Big-ip Local Traffic Manager 10.2.2
F5 Big-ip Local Traffic Manager 11.5.1
F5 Big-ip Local Traffic Manager 11.5.2
F5 Big-ip Local Traffic Manager 12.1.1
F5 Big-ip Local Traffic Manager 11.5.3
F5 Big-ip Local Traffic Manager 11.5.4
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager 11.4.0
F5 Big-ip Local Traffic Manager 11.6.0
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Application Acceleration Manager 11.4.0
F5 Big-ip Application Acceleration Manager 11.6.0
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Application Acceleration Manager 12.0.0
F5 Big-ip Application Acceleration Manager 11.5.1
CVSSv3 score: 5.5
CVE-2016-7474
In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information.
F5 Big-ip Local Traffic Manager 11.5.0
F5 Big-ip Local Traffic Manager 11.4.1
F5 Big-ip Local Traffic Manager 12.1.1
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager 11.4.0
F5 Big-ip Local Traffic Manager 12.0.0
F5 Big-ip Local Traffic Manager 12.1.0
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 11.5.4
F5 Big-ip Local Traffic Manager 11.6.0
F5 Big-ip Local Traffic Manager 11.5.3
F5 Big-ip Local Traffic Manager 11.5.1
F5 Big-ip Local Traffic Manager 11.5.2
F5 Big-ip Application Acceleration Manager 11.4.0
F5 Big-ip Application Acceleration Manager 11.4.1
F5 Big-ip Application Acceleration Manager 12.0.0
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Application Acceleration Manager 11.5.2
F5 Big-ip Application Acceleration Manager 11.5.3
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Application Acceleration Manager 11.5.4
F5 Big-ip Application Acceleration Manager 11.6.0
CVSSv3 score: 5.9
CVE-2016-9245
In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default "Normalize URI" conf...
F5 Big-ip Local Traffic Manager 12.1.0
F5 Big-ip Local Traffic Manager 12.1.1
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Application Acceleration Manager 12.1.2
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Advanced Firewall Manager 12.1.1
F5 Big-ip Advanced Firewall Manager 12.1.2
F5 Big-ip Analytics 12.1.2
F5 Big-ip Analytics 12.1.0
F5 Big-ip Analytics 12.1.1
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Application Security Manager 12.1.2
F5 Big-ip Application Security Manager 12.1.0
F5 Big-ip Application Security Manager 12.1.1
F5 Big-ip Domain Name System 12.1.1
F5 Big-ip Domain Name System 12.1.2
F5 Big-ip Domain Name System 12.1.0
F5 Big-ip Link Controller 12.1.2
CVSSv3 score: 7.5
CVE-2016-9244
A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer (SSL) session IDs from other sessi...
F5 Big-ip Local Traffic Manager 12.1.0
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Local Traffic Manager 11.5.2
F5 Big-ip Local Traffic Manager 11.5.1
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.0.0
F5 Big-ip Local Traffic Manager 11.5.0
F5 Big-ip Local Traffic Manager 11.4.1
F5 Big-ip Local Traffic Manager 11.6.0
F5 Big-ip Local Traffic Manager 12.1.1
F5 Big-ip Local Traffic Manager 11.4.0
F5 Big-ip Local Traffic Manager 11.5.4
F5 Big-ip Local Traffic Manager 11.5.3
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Application Acceleration Manager 11.4.0
F5 Big-ip Application Acceleration Manager 12.0.0
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Application Acceleration Manager 11.4.1
F5 Big-ip Application Acceleration Manager 11.5.0
F5 Big-ip Application Acceleration Manager 11.5.1
F5 Big-ip Application Acceleration Manager 11.5.2
F5 Big-ip Application Acceleration Manager 11.5.3
1 EDB exploit
2 Nmap scripts
3 Github repositories
CVSSv3 score: 7.5
CVE-2016-9249
An undisclosed traffic pattern received by a BIG-IP Virtual Server with TCP Fast Open enabled may cause the Traffic Management Microkernel (TMM) to restart, resulting in a Denial-of-Service (DoS).
F5 Big-ip Local Traffic Manager 12.0.0
F5 Big-ip Local Traffic Manager 12.1.0
F5 Big-ip Local Traffic Manager 12.1.1
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Application Acceleration Manager 12.0.0
F5 Big-ip Advanced Firewall Manager 12.1.1
F5 Big-ip Advanced Firewall Manager 12.0.0
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Analytics 12.1.1
F5 Big-ip Analytics 12.0.0
F5 Big-ip Analytics 12.1.0
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.0.0
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Application Security Manager 12.1.1
F5 Big-ip Application Security Manager 12.0.0
F5 Big-ip Application Security Manager 12.1.0
F5 Big-ip Domain Name System 12.1.1
F5 Big-ip Domain Name System 12.0.0
F5 Big-ip Domain Name System 12.1.0
F5 Big-ip Link Controller 12.1.1
CVSSv3 score: 5.9
CVE-2016-9247
Under certain conditions for BIG-IP systems using a virtual server with an associated FastL4 profile and TCP analytics profile, a specific sequence of packets may cause the Traffic Management Microkernel (TMM) to restart.
F5 Big-ip Local Traffic Manager 12.1.0
F5 Big-ip Local Traffic Manager 12.1.1
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Advanced Firewall Manager 12.1.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Analytics 12.1.1
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Application Security Manager 12.1.0
F5 Big-ip Application Security Manager 12.1.1
F5 Big-ip Domain Name System 12.1.0
F5 Big-ip Domain Name System 12.1.1
F5 Big-ip Link Controller 12.1.0
F5 Big-ip Link Controller 12.1.1
F5 Big-ip Policy Enforcement Manager 12.1.0
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Websafe 12.1.1
F5 Big-ip Websafe 12.1.0
CVSSv3 score: 5.9
CVE-2016-5024
Virtual servers in F5 BIG-IP systems 11.6.1 prior to 11.6.1 HF1 and 12.1.x prior to 12.1.2, when configured to parse RADIUS messages via an iRule, allow remote malicious users to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic.
F5 Big-ip Local Traffic Manager 12.1.1
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.0
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Advanced Firewall Manager 12.1.1
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Analytics 12.1.1
F5 Big-ip Analytics 11.6.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 11.6.1
F5 Big-ip Application Security Manager 12.1.1
F5 Big-ip Application Security Manager 12.1.0
F5 Big-ip Application Security Manager 11.6.1
F5 Big-ip Domain Name System 12.1.1
F5 Big-ip Domain Name System 12.1.0
F5 Big-ip Global Traffic Manager 11.6.1
F5 Big-ip Link Controller 12.1.1