Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip access policy manager 11.6.1 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-5924
In BIG-IP APM versions 12.1.0-12.1.5.1 and 11.6.1-11.6.5.2, RADIUS authentication leaks memory when the username for authentication is not set.
F5 Big-ip Access Policy Manager
4
CVSSv2
CVE-2019-6615
On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, Administrator and Resource Administrator roles might exploit TMSH access to bypass Appliance Mode restrictions on BIG-IP systems.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
F5 Big-ip Application Security Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Websafe
F5 Big-ip Global Traffic Manager
F5 Big-ip Analytics
F5 Big-ip Edge Gateway
F5 Big-ip Domain Name System
2.1
CVSSv2
CVE-2020-5908
In versions bundled with BIG-IP APM 12.1.0-12.1.5 and 11.6.1-11.6.5.2, Edge Client for Linux exposes full session ID in the local log files.
F5 Big-ip Access Policy Manager
5.8
CVSSv2
CVE-2020-27729
In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, an undisclosed link on the BIG-IP APM virtual server allows a malicious user to build an open redirect URI.
F5 Big-ip Access Policy Manager
4
CVSSv2
CVE-2020-27724
In BIG-IP APM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, on systems running more than one TMM instance, authenticated VPN users may consume excessive resources by sending specially-crafted mali...
F5 Big-ip Access Policy Manager
6.8
CVSSv2
CVE-2020-5948
On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user ...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Access Policy Manager 16.0.0
F5 Big-ip Advanced Firewall Manager 16.0.0
F5 Big-ip Analytics 16.0.0
F5 Big-ip Application Acceleration Manager 16.0.0
F5 Big-ip Application Security Manager 16.0.0
F5 Big-ip Domain Name System 16.0.0
F5 Big-ip Fraud Protection Service 16.0.0
F5 Big-ip Global Traffic Manager 16.0.0
F5 Big-ip Link Controller 16.0.0
F5 Big-ip Local Traffic Manager 16.0.0
F5 Big-ip Policy Enforcement Manager 16.0.0
4.3
CVSSv2
CVE-2018-5522
On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, when processing DIAMETER transactions with carefully crafted attribute-value pairs, TMM may crash.
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Analytics 11.2.1
F5 Big-ip Analytics
F5 Big-ip Analytics 13.0.0
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Application Security Manager 13.0.0
F5 Big-ip Domain Name System 11.2.1
F5 Big-ip Domain Name System
F5 Big-ip Domain Name System 13.0.0
F5 Big-ip Edge Gateway 13.0.0
4.3
CVSSv2
CVE-2019-6599
In BIG-IP 11.6.1-11.6.3.2 or 11.5.1-11.5.8, or Enterprise Manager 3.1.1, improper escaping of values in an undisclosed page of the configuration utility may result with an improper handling on the JSON response when it is injected by a malicious script via a remote cross-site scr...
F5 Big-ip Access Policy Manager
6.4
CVSSv2
CVE-2017-6158
In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM related to handling of invalid IP addresses.
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 11.2.1
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 11.2.1
F5 Big-ip Analytics
F5 Big-ip Analytics 11.2.1
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Application Security Manager 11.2.1
F5 Big-ip Application Security Manager
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 11.2.1
F5 Big-ip Link Controller
F5 Big-ip Link Controller 11.2.1
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Policy Enforcement Manager 11.2.1
F5 Big-ip Webaccelerator 11.2.1
F5 Big-ip Webaccelerator
4.3
CVSSv2
CVE-2019-6604
On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 14.0.0
F5 Big-ip Application Acceleration Manager 14.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 14.0.0
F5 Big-ip Fraud Protection Service 14.0.0
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 14.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 14.0.0
F5 Big-ip Local Traffic Manager 14.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager 14.0.0
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Protocol Security Module
F5 Big-ip Protocol Security Manager
F5 Big-ip Protocol Security Manager 14.0.0
F5 Big-ip Webaccelerator
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »