Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
access-policy vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2018-5528
Under certain conditions, TMM may restart and produce a core file while processing APM data on BIG-IP 13.0.1 or 13.1.0.4-13.1.0.7.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 13.0.1
445
VMScore
CVE-2018-5536
A remote attacker via undisclosed measures, may be able to exploit an F5 BIG-IP APM 13.0.0-13.1.0.7 or 12.1.0-12.1.3.5 virtual server configured with an APM per-request policy object and cause a memory leak in the APM module.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.0.0
445
VMScore
CVE-2018-5549
On BIG-IP APM 11.6.0-11.6.3.1, 12.1.0-12.1.3.3, 13.0.0, and 13.1.0-13.1.0.3, APMD may core when processing SAML Assertion or response containing certain elements.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 13.0.0
694
VMScore
CVE-2017-6129
In F5 BIG-IP APM software version 13.0.0 and 12.1.2, in some circumstances, APM tunneled VPN flows can cause a VPN/PPP connflow to be prematurely freed or cause TMM to stop responding with a "flow not in use" assertion. An attacker may be able to disrupt traffic or caus...
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Access Policy Manager 13.0.0
383
VMScore
CVE-2017-6139
In F5 BIG-IP APM software version 13.0.0 and 12.1.2, under rare conditions, the BIG-IP APM system appends log details when responding to client requests. Details in the log file can vary; customers running debug mode logging with BIG-IP APM are at highest risk.
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Access Policy Manager 13.0.0
392
VMScore
CVE-2013-6024
The Edge Client components in F5 BIG-IP APM 10.x, 11.x, 12.x, 13.x, and 14.x, BIG-IP Edge Gateway 10.x and 11.x, and FirePass 7.0.0 allow malicious users to obtain sensitive information from process memory via unspecified vectors.
F5 Big-ip Edge Gateway 10.1.0
F5 Big-ip Edge Gateway 10.2.4
F5 Big-ip Access Policy Manager 11.0.0
F5 Firepass 6.0.0
F5 Firepass 6.1.0
F5 Big-ip Access Policy Manager 11.2.0
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager 10.2.4
F5 Big-ip Access Policy Manager 11.1.0
F5 Big-ip Access Policy Manager 11.3.0
F5 Big-ip Access Policy Manager 10.1.0
F5 Big-ip Edge Gateway 11.0.0
F5 Big-ip Edge Gateway 11.5.0
F5 Firepass 7.0.0
187
VMScore
CVE-2018-15316
In F5 BIG-IP APM 13.0.0-13.1.1.1, APM Client 7.1.5-7.1.6, and/or Edge Client 7101-7160, the BIG-IP APM Edge Client component loads the policy library with user permission and bypassing the endpoint checks.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
F5 Big-ip Edge Client
409
VMScore
CVE-2020-5892
In versions 7.1.5-7.1.8, the BIG-IP Edge Client components in BIG-IP APM, Edge Gateway, and FirePass legacy allow malicious users to obtain the full session ID from process memory.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
F5 Big-ip Edge Gateway
NA
CVE-2022-35245
In BIG-IP Versions 16.1.x prior to 16.1.3.1, 15.1.x prior to 15.1.6.1, and 14.1.x prior to 14.1.5.1, when a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions whi...
F5 Big-ip Access Policy Manager
606
VMScore
CVE-2022-23014
On versions 16.1.x prior to 16.1.2 and 15.1.x prior to 15.1.4.1, when BIG-IP APM portal access is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Supp...
F5 Big-ip Access Policy Manager
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »