Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
big-ip access policy manager vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2021-23046
On all versions of Guided Configuration prior to 8.0.0, when a configuration that contains secure properties is created and deployed from Access Guided Configuration (AGC), secure properties are logged in restnoded logs. Note: Software versions which have reached End of Technical...
F5 Big-ip Access Policy Manager
F5 Big-ip Guided Configuration
NA
CVE-2022-33203
In BIG-IP Versions 16.1.x prior to 16.1.3, 15.1.x prior to 15.1.6.1, and 14.1.x prior to 14.1.5, when a BIG-IP APM access policy with Service Connect agent is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software...
F5 Big-ip Access Policy Manager
F5 Big-ip Ssl Orchestrator
445
VMScore
CVE-2017-6148
Responses to SOCKS proxy requests made through F5 BIG-IP version 13.0.0, 12.0.0-12.1.3.1, 11.6.1-11.6.2, or 11.5.1-11.5.5 may cause a disruption of services provided by TMM. The data plane is impacted and exposed only when a SOCKS proxy profile is attached to a Virtual Server. Th...
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 13.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 13.0.0
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Policy Enforcement Manager 13.0.0
F5 Big-ip Websafe
F5 Big-ip Websafe 13.0.0
445
VMScore
CVE-2020-5874
On BIG-IP APM 15.0.0-15.0.1.2, 14.1.0-14.1.2.3, and 14.0.0-14.0.1, in certain circumstances, an attacker sending specifically crafted requests to a BIG-IP APM virtual server may cause a disruption of service provided by the Traffic Management Microkernel(TMM).
F5 Big-ip Access Policy Manager
312
VMScore
CVE-2020-5889
On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, in BIG-IP APM portal access, a specially crafted HTTP request can lead to reflected XSS after the BIG-IP APM system rewrites the HTTP response from the untrusted backend server and sends it to the client.
F5 Big-ip Access Policy Manager
445
VMScore
CVE-2020-5919
In versions 15.1.0-15.1.0.4, rendering of certain session variables by BIG-IP APM UI-based agents in an access profile configured with Modern customization, may cause the Traffic Management Microkernel (TMM) to stop responding.
F5 Big-ip Access Policy Manager
445
VMScore
CVE-2020-5924
In BIG-IP APM versions 12.1.0-12.1.5.1 and 11.6.1-11.6.5.2, RADIUS authentication leaks memory when the username for authentication is not set.
F5 Big-ip Access Policy Manager
312
VMScore
CVE-2020-5853
In BIG-IP APM portal access on versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, when backend servers serve HTTP pages with special JavaScript code, this can lead to internal portal access name conflict.
F5 Big-ip Access Policy Manager
383
VMScore
CVE-2021-23054
On version 16.x prior to 16.1.0, 15.1.x prior to 15.1.4, 14.1.x prior to 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site scripting (XSS) vulnerability exists in the resource information page for authenticated users when a full webtop is configured...
F5 Big-ip Access Policy Manager
694
VMScore
CVE-2020-27716
On versions 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.5, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when a BIG-IP APM virtual server processes traffic of an undisclosed nature, the Traffic Management Microkernel (TMM) stops responding and restarts.
F5 Big-ip Access Policy Manager
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »