Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
policy manager vulnerabilities and exploits
(subscribe to this query)
392
VMScore
CVE-2018-15332
The svpn component of the F5 BIG-IP APM client prior to version 7.1.7.2 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host in a race condition.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.0.0
F5 Big-ip Access Policy Manager Client
383
VMScore
CVE-2013-5975
The access policy logon page (logon.inc) in F5 BIG-IP APM 11.1.0 up to and including 11.2.1 allows remote malicious users to conduct clickjacking attacks via unspecified vectors.
F5 Big-ip Access Policy Manager 11.1.0
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager 11.2.0
516
VMScore
CVE-2017-6144
In F5 BIG-IP PEM 12.1.0 up to and including 12.1.2 when downloading the Type Allocation Code (TAC) database file via HTTPS, the server's certificate is not verified. Attackers in a privileged network position may be able to launch a man-in-the-middle attack against these con...
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Policy Enforcement Manager 12.1.2
F5 Big-ip Policy Enforcement Manager 12.1.0
383
VMScore
CVE-2017-6160
In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.4.1 to 11.5.4, a remote attacker may create maliciously crafted HTTP request to cause Traffic Management Microkernel (TMM) to restart and temporarily fail to process traffic. This issue is exposed on...
F5 Big-ip Application Acceleration Manager 11.5.2
F5 Big-ip Application Acceleration Manager 12.0.0
F5 Big-ip Application Acceleration Manager 12.1.0
F5 Big-ip Application Acceleration Manager 11.4.1
F5 Big-ip Application Acceleration Manager 11.5.1
F5 Big-ip Application Acceleration Manager 11.6.1
F5 Big-ip Application Acceleration Manager 11.5.4
F5 Big-ip Application Acceleration Manager 12.1.1
F5 Big-ip Application Acceleration Manager 11.5.3
F5 Big-ip Application Acceleration Manager 11.6.0
F5 Big-ip Application Acceleration Manager 11.5.0
F5 Big-ip Application Acceleration Manager 11.4.0
F5 Big-ip Application Acceleration Manager 11.5.5
F5 Big-ip Policy Enforcement Manager 12.1.1
F5 Big-ip Policy Enforcement Manager 11.5.2
F5 Big-ip Policy Enforcement Manager 11.5.0
F5 Big-ip Policy Enforcement Manager 12.0.0
F5 Big-ip Policy Enforcement Manager 11.4.0
F5 Big-ip Policy Enforcement Manager 11.5.3
F5 Big-ip Policy Enforcement Manager 11.6.1
F5 Big-ip Policy Enforcement Manager 11.4.1
F5 Big-ip Policy Enforcement Manager 11.5.4
614
VMScore
CVE-2021-22980
In Edge Client version 7.2.x prior to 7.2.1.1, 7.1.9.x prior to 7.1.9.8, and 7.1.x-7.1.8.x prior to 7.1.8.5, an untrusted search path vulnerability in the BIG-IP APM Client Troubleshooting Utility (CTU) for Windows could allow an malicious user to load a malicious DLL library fro...
F5 Big-ip Access Policy Manager
F5 Access Policy Manager Clients
NA
CVE-2023-36858
An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and macOS that may allow an malicious user to modify its configured server list. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Access Policy Manager Clients
F5 Big-ip Access Policy Manager
NA
CVE-2023-38418
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-ip Access Policy Manager
F5 Access Policy Manager Clients
NA
CVE-2023-43762
Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend). This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15.
Withsecure F-secure Policy Manager 15.00
Withsecure Policy Manager Proxy 15.00
240
VMScore
CVE-2021-23002
When using BIG-IP APM 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, or all 12.1.x and 11.6.x versions or Edge Client versions 7.2.1.x prior to 7.2.1.1, 7.1.9.x prior to 7.1.9.8, or 7.1.8.x prior to 7.1.8.5, the session ID is...
F5 Big-ip Access Policy Manager
F5 Access Policy Manager Clients
641
VMScore
CVE-2018-5547
Windows Logon Integration feature of F5 BIG-IP APM client prior to version 7.1.7.1 for Windows by default uses Legacy logon mode which uses a SYSTEM account to establish network access. This feature displays a certificate user interface dialog box which contains the link to the c...
F5 Big-ip Access Policy Manager Client 7.1.7
F5 Big-ip Access Policy Manager Client 7.1.6
F5 Big-ip Access Policy Manager Client 7.1.6.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »