Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip access policy manager client vulnerabilities and exploits
(subscribe to this query)
294
VMScore
CVE-2020-5934
On BIG-IP APM 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when multiple HTTP requests from the same client to configured SAML Single Logout (SLO) URL are passing through a TCP Keep-Alive connection, traffic to TMM can be disrupted.
F5 Big-ip Access Policy Manager
1 Github repository
231
VMScore
CVE-2020-5929
In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous (ADH) or Ephemeral (DHE) Diffie-Hellman key exchange and Single DH ...
F5 Big-ip Local Traffic Manager 11.6.2
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Application Acceleration Manager 12.1.2
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 11.6.2
F5 Big-ip Advanced Web Application Firewall 13.0.0
F5 Big-ip Advanced Web Application Firewall 12.1.2
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Advanced Web Application Firewall 11.6.2
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Advanced Firewall Manager 12.1.2
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 11.6.2
F5 Big-ip Analytics 12.1.2
F5 Big-ip Analytics 13.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 11.6.2
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Access Policy Manager 13.0.0
516
VMScore
CVE-2020-5913
In versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, the BIG-IP Client or Server SSL profile ignores revoked certificates, even when a valid CRL is present. This impacts SSL/TLS connections and may result in a man-in-the-middle atta...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Ddos Hybrid Defender
F5 Ssl Orchestrator
187
VMScore
CVE-2020-5908
In versions bundled with BIG-IP APM 12.1.0-12.1.5 and 11.6.1-11.6.5.2, Edge Client for Linux exposes full session ID in the local log files.
F5 Big-ip Access Policy Manager
409
VMScore
CVE-2020-5896
On versions 7.1.5-7.1.9, the BIG-IP Edge Client's Windows Installer Service's temporary folder has weak file and folder permissions.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
605
VMScore
CVE-2020-5897
In versions 7.1.5-7.1.9, there is use-after-free memory vulnerability in the BIG-IP Edge Client Windows ActiveX component.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
436
VMScore
CVE-2020-5898
In versions 7.1.5-7.1.9, BIG-IP Edge Client Windows Stonewall driver does not sanitize the pointer received from the userland. A local user on the Windows client system can send crafted DeviceIoControl requests to \\.\urvpndrv device causing the Windows kernel to crash.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
409
VMScore
CVE-2020-5892
In versions 7.1.5-7.1.8, the BIG-IP Edge Client components in BIG-IP APM, Edge Gateway, and FirePass legacy allow malicious users to obtain the full session ID from process memory.
F5 Big-ip Access Policy Manager
F5 Big-ip Edge Gateway
F5 Big-ip Access Policy Manager Client
383
VMScore
CVE-2020-5893
In versions 7.1.5-7.1.8, when a user connects to a VPN using BIG-IP Edge Client over an unsecure network, BIG-IP Edge Client responds to authentication requests over HTTP while sending probes for captive portal detection.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
312
VMScore
CVE-2020-5889
On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, in BIG-IP APM portal access, a specially crafted HTTP request can lead to reflected XSS after the BIG-IP APM system rewrites the HTTP response from the untrusted backend server and sends it to the client.
F5 Big-ip Access Policy Manager
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »