Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip application security manager vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-23036
On version 16.0.x prior to 16.0.1.2, when a BIG-IP ASM and DataSafe profile are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not...
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Application Security Manager
F5 Big-ip Datasafe
8.8
CVSSv3
CVE-2016-5020
F5 BIG-IP prior to 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script.
F5 Big-ip Wan Optimization Manager 11.2.1
F5 Big-ip Wan Optimization Manager 10.2.4
F5 Big-ip Wan Optimization Manager 10.2.2
F5 Big-ip Wan Optimization Manager 10.2.3
F5 Big-ip Wan Optimization Manager 10.2.1
F5 Big-ip Protocol Security Module 11.4.1
F5 Big-ip Protocol Security Module 11.4.0
F5 Big-ip Protocol Security Module 10.2.4
F5 Big-ip Protocol Security Module 10.2.3
F5 Big-ip Protocol Security Module 10.2.2
F5 Big-ip Protocol Security Module 10.2.1
F5 Big-ip Application Acceleration Manager 11.4.1
F5 Big-ip Application Acceleration Manager 11.4.0
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Application Acceleration Manager 11.6.0
F5 Big-ip Application Acceleration Manager 11.5.4
F5 Big-ip Application Acceleration Manager 11.5.2
F5 Big-ip Application Acceleration Manager 11.5.0
F5 Big-ip Application Acceleration Manager 12.0.0
F5 Big-ip Application Acceleration Manager 11.5.3
F5 Big-ip Application Acceleration Manager 11.5.1
5.9
CVSSv3
CVE-2014-4024
SSL virtual servers in F5 BIG-IP systems 10.x prior to 10.2.4 HF9, 11.x prior to 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer (SSL) accelerator cards, might allow r...
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Edge Gateway
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Protocol Security Module
F5 Big-ip Webaccelerator
F5 Big-ip Wan Optimization Manager
7.5
CVSSv3
CVE-2019-6605
On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, and 12.0.x, an undisclosed sequence of packets received by an SSL virtual server and processed by an associated Client SSL or Server SSL profile may cause a denial of service.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Protocol Security Manager
F5 Big-ip Webaccelerator
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
7.5
CVSSv3
CVE-2019-6603
In BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, and 13.0.0-13.0.1, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual ser...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Protocol Security Manager
F5 Big-ip Webaccelerator
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
4.3
CVSSv3
CVE-2019-6606
On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Protocol Security Manager
F5 Big-ip Webaccelerator
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
NA
CVE-2014-4023
Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 prior to 11.6.0 and 10.1.0 up to and including 10.2.4, AAM 11.4.0 prior to 11.6.0, AFM and PEM 11.3.0 prior to 11.6.0, Anal...
F5 Big-ip Advanced Firewall Manager 11.5.1
F5 Big-ip Advanced Firewall Manager 11.5.0
F5 Big-ip Advanced Firewall Manager 11.4.1
F5 Big-ip Advanced Firewall Manager 11.3.0
F5 Big-ip Advanced Firewall Manager 11.4.0
F5 Big-ip Policy Enforcement Manager 11.4.0
F5 Big-ip Policy Enforcement Manager 11.5.0
F5 Big-ip Policy Enforcement Manager 11.5.1
F5 Big-ip Policy Enforcement Manager 11.3.0
F5 Big-ip Policy Enforcement Manager 11.4.1
F5 Big-ip Application Security Manager 10.2.1
F5 Big-ip Application Security Manager 10.2.3
F5 Big-ip Application Security Manager 11.4.0
F5 Big-ip Application Security Manager 11.5.0
F5 Big-ip Application Security Manager 10.1.0
F5 Big-ip Application Security Manager 11.5.1
F5 Big-ip Application Security Manager 11.0.0
F5 Big-ip Application Security Manager 11.1.0
F5 Big-ip Application Security Manager 11.2.0
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Application Security Manager 10.2.0
F5 Big-ip Application Security Manager 10.2.2
7.5
CVSSv3
CVE-2016-9250
In F5 BIG-IP 11.2.1, 11.4.0 up to and including 11.6.1, and 12.0.0 up to and including 12.1.2, an unauthenticated user with access to the control plane may be able to delete arbitrary files through an undisclosed mechanism.
F5 Big-ip Local Traffic Manager 12.1.1
F5 Big-ip Local Traffic Manager 11.4.1
F5 Big-ip Local Traffic Manager 11.5.1
F5 Big-ip Local Traffic Manager 11.5.3
F5 Big-ip Local Traffic Manager 11.5.4
F5 Big-ip Local Traffic Manager 11.6.0
F5 Big-ip Local Traffic Manager 12.0.0
F5 Big-ip Local Traffic Manager 12.1.0
F5 Big-ip Local Traffic Manager 12.1.2
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager 11.4.0
F5 Big-ip Local Traffic Manager 11.5.0
F5 Big-ip Local Traffic Manager 11.5.2
F5 Big-ip Application Acceleration Manager 11.4.1
F5 Big-ip Application Acceleration Manager 11.5.1
F5 Big-ip Application Acceleration Manager 11.5.3
F5 Big-ip Application Acceleration Manager 11.5.4
F5 Big-ip Application Acceleration Manager 11.6.0
F5 Big-ip Application Acceleration Manager 12.0.0
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Application Acceleration Manager 12.1.1
5.5
CVSSv3
CVE-2016-7474
In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information.
F5 Big-ip Local Traffic Manager 11.5.0
F5 Big-ip Local Traffic Manager 11.4.1
F5 Big-ip Local Traffic Manager 12.1.1
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager 11.4.0
F5 Big-ip Local Traffic Manager 12.0.0
F5 Big-ip Local Traffic Manager 12.1.0
F5 Big-ip Local Traffic Manager 11.6.1
F5 Big-ip Local Traffic Manager 11.5.4
F5 Big-ip Local Traffic Manager 11.6.0
F5 Big-ip Local Traffic Manager 11.5.3
F5 Big-ip Local Traffic Manager 11.5.1
F5 Big-ip Local Traffic Manager 11.5.2
F5 Big-ip Application Acceleration Manager 11.4.0
F5 Big-ip Application Acceleration Manager 11.4.1
F5 Big-ip Application Acceleration Manager 12.0.0
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Application Acceleration Manager 11.5.2
F5 Big-ip Application Acceleration Manager 11.5.3
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Application Acceleration Manager 11.5.4
F5 Big-ip Application Acceleration Manager 11.6.0
4.3
CVSSv3
CVE-2015-8021
Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x prior to 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; BIG-IP AAM 11.4.0 before HF8 and 11.4.1 before HF6; BIG-IP AFM and PEM...
F5 Big-ip Wan Optimization Manager 11.0.0
F5 Big-ip Webaccelerator 11.3.0
F5 Big-ip Protocol Security Module 11.3.0
F5 Big-ip Protocol Security Module 11.2.1
F5 Big-ip Link Controller 11.4.0
F5 Big-ip Link Controller 11.3.0
F5 Big-ip Global Traffic Manager 11.2.1
F5 Big-ip Global Traffic Manager 11.2.0
F5 Big-ip Edge Gateway 11.0.0
F5 Big-ip Application Security Manager 11.4.1
F5 Big-ip Access Policy Manager 11.1.0
F5 Big-ip Access Policy Manager 11.0.0
F5 Big-ip Analytics 11.2.0
F5 Big-ip Analytics 11.2.1
F5 Big-ip Application Acceleration Manager 11.4.0
F5 Big-ip Application Acceleration Manager 11.4.1
F5 Big-ip Webaccelerator 11.2.1
F5 Big-ip Webaccelerator 11.2.0
F5 Big-ip Protocol Security Module 11.2.0
F5 Big-ip Protocol Security Module 11.0.0
F5 Big-ip Link Controller 11.2.1
F5 Big-ip Link Controller 11.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »