Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
big-ip dns vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2018-5505
On F5 BIG-IP versions 13.1.0 - 13.1.0.3, when ASM and AVR are both provisioned, TMM may restart while processing DNS requests when the virtual server is configured with a DNS profile and the Protocol setting is set to TCP.
F5 Big-ip Application Security Manager
F5 Big-ip Analytics
4.9
CVSSv3
CVE-2016-5021
The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x prior to 11.5.4, 11.6.x prior to 11.6.1, and 12.x prior to 12.0.0 HF3; BIG-IP DNS 12.x prior to 12.0.0 HF3; BIG-IP GTM 11.5.x prior to 11.5.4 and 11.6.x prior to 11.6.1; BIG...
F5 Big-iq Application Delivery Controller 4.5.0
F5 Big-iq Cloud And Orchestration 1.0.0
F5 Big-ip Application Acceleration Manager 12.0.0
F5 Big-ip Application Acceleration Manager 11.6.0
F5 Big-ip Application Acceleration Manager 11.5.3
F5 Big-ip Application Acceleration Manager 11.5.2
F5 Big-ip Application Acceleration Manager 11.5.0
F5 Big-ip Application Acceleration Manager 11.5.1
F5 Big-ip Access Policy Manager 11.5.0
F5 Big-ip Access Policy Manager 11.5.1
F5 Big-ip Access Policy Manager 12.0.0
F5 Big-ip Access Policy Manager 11.6.0
F5 Big-ip Access Policy Manager 11.5.3
F5 Big-ip Access Policy Manager 11.5.2
F5 Big-ip Local Traffic Manager 11.6.0
F5 Big-ip Local Traffic Manager 11.5.3
F5 Big-ip Local Traffic Manager 11.5.2
F5 Big-ip Local Traffic Manager 11.5.1
F5 Big-ip Local Traffic Manager 12.0.0
F5 Big-ip Local Traffic Manager 11.5.0
F5 Big-ip Global Traffic Manager 11.6.0
F5 Big-ip Global Traffic Manager 11.5.2
7.5
CVSSv3
CVE-2018-5743
By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit...
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 15.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 15.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 15.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 15.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 15.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 15.0.0
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 15.0.0
F5 Big-ip Fraud Protection Service
F5 Big-ip Fraud Protection Service 15.0.0
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 15.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 15.0.0
F5 Big-ip Webaccelerator
F5 Big-ip Webaccelerator 15.0.0
3 Github repositories
7.5
CVSSv3
CVE-2020-27721
In versions 16.0.0-16.0.0.1, 15.1.0-15.1.1, 14.1.0-14.1.3, 13.1.0-13.1.3.5, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, in a BIG-IP DNS / BIG-IP LTM GSLB deployment, under certain circumstances, the BIG-IP DNS system may stop using a BIG-IP LTM virtual server for DNS response.
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
7.5
CVSSv3
CVE-2022-41787
In BIG-IP versions 17.0.x prior to 17.0.0.1, 16.1.x prior to 16.1.3.1, 15.1.x prior to 15.1.6.1, 14.1.x prior to 14.1.5.1, and 13.1.x prior to 13.1.5.1, when DNS profile is configured on a virtual server with DNS Express enabled, undisclosed DNS queries with DNSSEC can cause TMM ...
F5 Big-ip Local Traffic Manager
F5 Big-ip Domain Name System
5.5
CVSSv3
CVE-2023-41253
When on BIG-IP DNS or BIG-IP LTM enabled with DNS Services License, and a TSIG key is created, it is logged in plaintext in the audit log. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-ip Domain Name System
F5 Big-ip Local Traffic Manager
7.2
CVSSv3
CVE-2021-22982
On BIG-IP DNS and GTM version 13.1.x prior to 13.1.0.4, and all versions of 12.1.x and 11.6.x, big3d does not securely handle and parse certain payloads resulting in a buffer overflow. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated...
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
8.8
CVSSv3
CVE-2022-23013
On BIG-IP DNS & GTM version 16.x prior to 16.1.0, 15.1.x prior to 15.1.4, 14.1.x prior to 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, a DOM-based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allo...
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
5.3
CVSSv3
CVE-2022-23032
In all versions prior to 7.2.1.4, when proxy settings are configured in the network access resource of a BIG-IP APM system, connecting BIG-IP Edge Client on Mac and Windows is vulnerable to a DNS rebinding attack. Note: Software versions which have reached End of Technical Suppor...
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
8.8
CVSSv3
CVE-2023-28742
When DNS is provisioned, an authenticated remote command execution vulnerability exists in DNS iQuery mesh. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-ip Domain Name System
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »