Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip advanced firewall manager 11.5.1 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-6626
On BIG-IP (AFM, Analytics, ASM) 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, and 11.5.1-11.6.3.4, A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the Conf...
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
4.3
CVSSv2
CVE-2019-6625
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, and 11.5.1-11.6.4, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI) also known as the BIG-IP Configuration utility.
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
F5 Big-ip Websafe
4.3
CVSSv2
CVE-2019-6604
On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 14.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 14.0.0
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 14.0.0
F5 Big-ip Fraud Protection Service
F5 Big-ip Fraud Protection Service 14.0.0
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 14.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 14.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 14.0.0
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Policy Enforcement Manager 14.0.0
F5 Big-ip Protocol Security Manager
F5 Big-ip Protocol Security Manager 14.0.0
F5 Big-ip Protocol Security Module
F5 Big-ip Webaccelerator
4.3
CVSSv2
CVE-2019-6600
In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, when remote authentication is enabled for administrative users and all external users are granted the "guest" role, unsanitized values can be reflected to the client via the ...
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
4.3
CVSSv2
CVE-2019-6593
On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL profile may be vulnerable to a chosen ciphertext attack against CBC ciphers. When exploited, this may result in plaintext recovery of encrypted messages through a man-in-the-middle (MITM) a...
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 11.6.1
F5 Big-ip Access Policy Manager
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 12.1.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Advanced Firewall Manager 12.1.0
F5 Big-ip Advanced Firewall Manager 11.6.1
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics 11.6.1
F5 Big-ip Analytics 12.1.0
F5 Big-ip Analytics
F5 Big-ip Application Security Manager 12.1.0
F5 Big-ip Application Security Manager 11.6.1
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System 12.1.0
F5 Big-ip Domain Name System 11.6.1
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway 12.1.0
F5 Big-ip Edge Gateway 11.6.1
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service 12.1.0
2 Github repositories
4.3
CVSSv2
CVE-2019-6594
On BIG-IP 11.5.1-11.6.3.2, 12.1.3.4-12.1.3.7, 13.0.0 HF1-13.1.1.1, and 14.0.0-14.0.0.2, Multi-Path TCP (MPTCP) does not protect against multiple zero length DATA_FINs in the reassembly queue, which can lead to an infinite loop in some circumstances.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 13.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 13.0.0
F5 Big-ip Domain Name System
F5 Big-ip Domain Name System 13.0.0
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 13.0.0
F5 Big-ip Fraud Protection Service
F5 Big-ip Fraud Protection Service 13.0.0
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 13.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 13.0.0
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Policy Enforcement Manager 13.0.0
4.3
CVSSv2
CVE-2018-15311
When F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.5.1-11.5.6 is processing specially crafted TCP traffic with the Large Receive Offload (LRO) feature enabled, TMM may crash, leading to a failover event. This vulnerability is not exposed unless LRO is enabled...
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
4.3
CVSSv2
CVE-2018-5521
On F5 BIG-IP 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, carefully crafted URLs can be used to reflect arbitrary content into GeoIP lookup responses, potentially exposing clients to XSS.
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Application Acceleration Manager
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics 11.2.1
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System 11.2.1
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Edge Gateway
F5 Big-ip Global Traffic Manager 11.2.1
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller 11.2.1
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager 11.2.1
F5 Big-ip Policy Enforcement Manager
4.3
CVSSv2
CVE-2018-5522
On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, when processing DIAMETER transactions with carefully crafted attribute-value pairs, TMM may crash.
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Application Acceleration Manager
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics 11.2.1
F5 Big-ip Analytics 13.0.0
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager 13.0.0
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System 13.0.0
F5 Big-ip Domain Name System 11.2.1
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway 11.2.1
4.3
CVSSv2
CVE-2014-4024
SSL virtual servers in F5 BIG-IP systems 10.x prior to 10.2.4 HF9, 11.x prior to 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer (SSL) accelerator cards, might allow r...
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Edge Gateway
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Protocol Security Module
F5 Big-ip Webaccelerator
F5 Big-ip Wan Optimization Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »