policy manager vulnerabilities and exploits
4.3
CVSSv2
CVE-2018-5508
On F5 BIG-IP PEM versions 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.5.1-11.5.5, or 11.2.1, under certain conditions, TMM may crash when processing compressed data through a Virtual Server with an associated PEM profile using the content insertion option.
F5 Big-ip Policy Enforcement Manager 13.0.0
F5 Big-ip Policy Enforcement Manager 11.2.1
F5 Big-ip Policy Enforcement Manager
4.3
CVSSv2
CVE-2013-5975
The access policy logon page (logon.inc) in F5 BIG-IP APM 11.1.0 up to and including 11.2.1 allows remote malicious users to conduct clickjacking attacks via unspecified vectors.
F5 Big-ip Access Policy Manager 11.1.0
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager 11.2.0
5.8
CVSSv2
CVE-2017-6144
In F5 BIG-IP PEM 12.1.0 up to and including 12.1.2 when downloading the Type Allocation Code (TAC) database file via HTTPS, the server's certificate is not verified. Attackers in a privileged network position may be able to launch a man-in-the-middle attack against these con...
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Policy Enforcement Manager 12.1.2
F5 Big-ip Policy Enforcement Manager 12.1.0
4.3
CVSSv2
CVE-2017-6160
In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.4.1 to 11.5.4, a remote attacker may create a maliciously crafted HTTP request to cause Traffic Management Microkernel (TMM) to restart and temporarily fail to process traffic. This issue is exposed on...
F5 Big-ip Application Acceleration Manager 11.5.2
F5 Big-ip Application Acceleration Manager 12.0.0
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Application Acceleration Manager 11.4.1
F5 Big-ip Application Acceleration Manager 11.5.1
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Application Acceleration Manager 11.5.4
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Application Acceleration Manager 11.5.3
F5 Big-ip Application Acceleration Manager 11.6.0
F5 Big-ip Application Acceleration Manager 11.5.0
F5 Big-ip Application Acceleration Manager 11.4.0
F5 Big-ip Application Acceleration Manager 11.5.5
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Policy Enforcement Manager 11.5.2
F5 Big-ip Policy Enforcement Manager 11.5.0
F5 Big-ip Policy Enforcement Manager 12.0.0
F5 Big-ip Policy Enforcement Manager 11.4.0
F5 Big-ip Policy Enforcement Manager 11.5.3
F5 Big-ip Policy Enforcement Manager 11.6.1
F5 Big-ip Policy Enforcement Manager 11.4.1
F5 Big-ip Policy Enforcement Manager 11.5.4
NA
CVE-2023-38418
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-ip Access Policy Manager
F5 Access Policy Manager Clients
NA
CVE-2023-36858
An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and macOS that may allow a malicious user to modify its configured server list. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Access Policy Manager Clients
F5 Big-ip Access Policy Manager
2.7
CVSSv2
CVE-2021-23002
When using BIG-IP APM 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, or all 12.1.x and 11.6.x versions or Edge Client versions 7.2.1.x prior to 7.2.1.1, 7.1.9.x prior to 7.1.9.8, or 7.1.8.x prior to 7.1.8.5, the session ID is...
F5 Big-ip Access Policy Manager
F5 Access Policy Manager Clients
6.9
CVSSv2
CVE-2021-22980
In Edge Client version 7.2.x prior to 7.2.1.1, 7.1.9.x prior to 7.1.9.8, and 7.1.x-7.1.8.x prior to 7.1.8.5, an untrusted search path vulnerability in the BIG-IP APM Client Troubleshooting Utility (CTU) for Windows could allow a malicious user to load a malicious DLL library fro...
F5 Big-ip Access Policy Manager
F5 Access Policy Manager Clients
NA
CVE-2023-43762
Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend). This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15.
Withsecure F-secure Policy Manager 15.00
Withsecure Policy Manager Proxy 15.00
7.2
CVSSv2
CVE-2018-5547
Windows Logon Integration feature of F5 BIG-IP APM client prior to version 7.1.7.1 for Windows by default uses Legacy logon mode which uses a SYSTEM account to establish network access. This feature displays a certificate user interface dialog box which contains the link to the c...
F5 Big-ip Access Policy Manager Client 7.1.7
F5 Big-ip Access Policy Manager Client 7.1.6
F5 Big-ip Access Policy Manager Client 7.1.6.1