Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip access policy manager client vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2020-5855
When the Windows Logon Integration feature is configured for all versions of BIG-IP Edge Client for Windows, unauthorized users who have physical access to an authorized user's machine can get shell access under unprivileged user.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
312
VMScore
CVE-2019-19150
On versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, the BIG-IP APM system logs the client-session-id when a per-session policy is attached to the virtual server with debug logging enabled.
F5 Big-ip Access Policy Manager
436
VMScore
CVE-2019-6668
The BIG-IP APM Edge Client for macOS bundled with BIG-IP APM 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5 may allow unprivileged users to access files owned by root.
F5 Big-ip Access Policy Manager
668
VMScore
CVE-2019-6675
BIG-IP configurations using Active Directory, LDAP, or Client Certificate LDAP for management authentication with multiple servers are exposed to a vulnerability which allows an authentication bypass. This can result in a complete compromise of the system. This issue only impacts...
F5 Big-ip Link Controller
F5 Big-ip Link Controller 14.1.0.3.0.79.6-eng Hotfix
F5 Big-ip Link Controller 14.1.0.3.0.97.6-eng Hotfix
F5 Big-ip Link Controller 14.1.0.3.0.99.6-eng Hotfix
F5 Big-ip Link Controller 14.1.0.5.0.15.5-eng Hotfix
F5 Big-ip Link Controller 14.1.0.5.0.36.5-eng Hotfix
F5 Big-ip Link Controller 14.1.0.5.0.40.5-eng Hotfix
F5 Big-ip Link Controller 14.1.0.6.0.11.9-eng Hotfix
F5 Big-ip Link Controller 14.1.0.6.0.14.9-eng Hotfix
F5 Big-ip Link Controller 14.1.0.6.0.68.9-eng Hotfix
F5 Big-ip Link Controller 14.1.0.6.0.70.9-eng Hotfix
F5 Big-ip Link Controller 14.1.2.0.11.37-eng Hotfix
F5 Big-ip Link Controller 14.1.2.0.18.37-eng Hotfix
F5 Big-ip Link Controller 14.1.2.0.32.37-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.46.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.14.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.16.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.34.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.97.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.99.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.105.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.111.4-eng Hotfix
384
VMScore
CVE-2018-5743
By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit...
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 15.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 15.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 15.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 15.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 15.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 15.0.0
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 15.0.0
F5 Big-ip Fraud Protection Service
F5 Big-ip Fraud Protection Service 15.0.0
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 15.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 15.0.0
F5 Big-ip Webaccelerator
F5 Big-ip Webaccelerator 15.0.0
3 Github repositories
445
VMScore
CVE-2019-6656
BIG-IP APM Edge Client before version 7.1.8 (7180.2019.508.705) logs the full apm session ID in the log files. Vulnerable versions of the client are bundled with BIG-IP APM versions 15.0.0-15.0.1, 14,1.0-14.1.0.6, 14.0.0-14.0.0.4, 13.0.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5...
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
383
VMScore
CVE-2019-6629
On BIG-IP 14.1.0-14.1.0.5, undisclosed SSL traffic to a virtual server configured with a Client SSL profile may cause TMM to fail and restart. The Client SSL profile must have session tickets enabled and use DHE cipher suites to be affected. This only impacts the data plane, ther...
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
F5 Big-ip Websafe
445
VMScore
CVE-2019-6605
On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, and 12.0.x, an undisclosed sequence of packets received by an SSL virtual server and processed by an associated Client SSL or Server SSL profile may cause a denial of service.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Protocol Security Manager
F5 Big-ip Webaccelerator
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
383
VMScore
CVE-2019-6600
In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, when remote authentication is enabled for administrative users and all external users are granted the "guest" role, unsanitized values can be reflected to the client via the ...
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
384
VMScore
CVE-2019-6593
On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL profile may be vulnerable to a chosen ciphertext attack against CBC ciphers. When exploited, this may result in plaintext recovery of encrypted messages through a man-in-the-middle (MITM) a...
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 11.6.1
F5 Big-ip Access Policy Manager
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics 11.6.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Analytics
F5 Big-ip Application Security Manager 12.1.0
F5 Big-ip Application Security Manager 11.6.1
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System 12.1.0
F5 Big-ip Domain Name System 11.6.1
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway 12.1.0
F5 Big-ip Edge Gateway 11.6.1
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service 12.1.0
2 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »