Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
big-ip access policy manager vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2018-5548
On BIG-IP APM 11.6.0-11.6.3, an insecure AES ECB mode is used for orig_uri parameter in an undisclosed /vdesk link of APM virtual server configured with an access profile, allowing a malicious user to build a redirect URI value using different blocks of cipher texts.
F5 Big-ip Access Policy Manager
3.5
CVSSv2
CVE-2019-6591
On BIG-IP APM 14.0.0 to 14.0.0.4, 13.0.0 to 13.1.1.3 and 12.1.0 to 12.1.3.7, a reflected cross-site scripting (XSS) vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system.
F5 Big-ip Access Policy Manager
4.3
CVSSv2
CVE-2019-6595
Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access Policy Manager (APM) 11.5.x and 11.6.x Admin Web UI.
F5 Big-ip Access Policy Manager
5
CVSSv2
CVE-2019-6661
When the BIG-IP APM 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.4.1, or 11.5.1-11.6.5 system processes certain requests, the APD/APMD daemon may consume excessive resources.
F5 Big-ip Access Policy Manager
4.9
CVSSv2
CVE-2019-6668
The BIG-IP APM Edge Client for macOS bundled with BIG-IP APM 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5 may allow unprivileged users to access files owned by root.
F5 Big-ip Access Policy Manager
4.3
CVSSv2
CVE-2018-15324
On BIG-IP APM 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, TMM may restart when processing a specially crafted request with APM portal access.
F5 Big-ip Access Policy Manager
6
CVSSv2
CVE-2018-15326
In some situations on BIG-IP APM 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.2, the CRLDP Auth access policy agent may treat revoked certificates as valid when the BIG-IP APM system fails to download a new Certificate Revocation List.
F5 Big-ip Access Policy Manager
6.8
CVSSv2
CVE-2022-23014
On versions 16.1.x prior to 16.1.2 and 15.1.x prior to 15.1.4.1, when BIG-IP APM portal access is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Supp...
F5 Big-ip Access Policy Manager
4.3
CVSSv2
CVE-2014-9326
The automatic signature update functionality in the (1) Phone Home feature in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, GTM, and Link Controller 11.5.0 up to and including 11.6.0, ASM 10.0.0 up to and including 11.6.0, and PEM 11.3.0 up to and including 11.6.0 and the (2) Call Hom...
F5 Big-ip Application Acceleration Manager 11.5.0
F5 Big-ip Application Acceleration Manager 11.5.1
F5 Big-ip Application Acceleration Manager 11.5.2
F5 Big-ip Application Acceleration Manager 11.6.0
F5 Big-ip Policy Enforcement Manager 11.5.0
F5 Big-ip Policy Enforcement Manager11.5.1
F5 Big-ip Policy Enforcement Manager 11.5.2
F5 Big-ip Policy Enforcement Manager 11.6.0
F5 Big-ip Policy Enforcement Manager 11.3.0
F5 Big-ip Policy Enforcement Manager 11.4.0
F5 Big-ip Policy Enforcement Manager 11.4.1
F5 Big-ip Global Traffic Manager 11.6.0
F5 Big-ip Global Traffic Manager 11.5.0
F5 Big-ip Global Traffic Manager 11.5.1
F5 Big-ip Global Traffic Manager 11.5.2
F5 Big-ip Advanced Firewall Manager 11.5.0
F5 Big-ip Advanced Firewall Manager 11.5.1
F5 Big-ip Advanced Firewall Manager 11.5.2
F5 Big-ip Advanced Firewall Manager 11.6.0
F5 Big-ip Local Traffic Manager 11.5.2
F5 Big-ip Local Traffic Manager 11.6.0
F5 Big-ip Local Traffic Manager 11.5.0
5
CVSSv2
CVE-2019-6619
On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, the Traffic Management Microkernel (TMM) may restart when a virtual server has an HTTP/2 profile with Application Layer Protocol Negotiation (ALPN) enabled and it processes traffic where the ALPN extension size is zer...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
F5 Big-ip Application Security Manager
F5 Big-ip Local Traffic Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »