Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
big-ip_access_policy_manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5450
An insufficient verification of data vulnerability exists in BIG-IP Edge Client Installer on macOS that may allow an attacker elevation of privileges during the installation process. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 17.1.0
NA
CVE-2023-43611
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process. This vulnerability is due to an incomplete fix for CVE-2023-38418. Note: Software versions which have reached End of Technical Support (EoTS) are no...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Application Visibility And Reporting
F5 Big-ip Carrier-grade Nat
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Ssl Orchestrator
F5 Big-ip Webaccelerator
F5 Big-ip Websafe
NA
CVE-2023-36858
An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and macOS that may allow an malicious user to modify its configured server list. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Access Policy Manager Clients
F5 Big-ip Access Policy Manager
NA
CVE-2023-22372
In the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows and Mac OS. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-ip Access Policy Manager
NA
CVE-2023-24461
An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows and macOS and may allow an malicious user to impersonate a BIG-IP APM system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-ip Access Policy Manager
2.1
CVSSv2
CVE-2022-27636
On F5 BIG-IP APM 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions before 7.2.1.5, BIG-IP Edge Client may log sensi...
F5 Big-ip Access Policy Manager 11.6.1
F5 Big-ip Access Policy Manager 11.6.2
F5 Big-ip Access Policy Manager 11.6.3
F5 Big-ip Access Policy Manager 11.6.4
F5 Big-ip Access Policy Manager 11.6.5
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Access Policy Manager 12.1.3
F5 Big-ip Access Policy Manager 12.1.4
F5 Big-ip Access Policy Manager 12.1.5
F5 Big-ip Access Policy Manager 12.1.6
F5 Big-ip Access Policy Manager 13.1.0
F5 Big-ip Access Policy Manager 13.1.1
F5 Big-ip Access Policy Manager 13.1.2
F5 Big-ip Access Policy Manager 13.1.3
F5 Big-ip Access Policy Manager 13.1.4
F5 Big-ip Access Policy Manager 13.1.5
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Access Policy Manager 14.1.2
F5 Big-ip Access Policy Manager 14.1.3
F5 Big-ip Access Policy Manager 14.1.4
5
CVSSv2
CVE-2022-23011
On certain hardware BIG-IP platforms, in version 15.1.x prior to 15.1.4 and 14.1.x prior to 14.1.3, virtual servers may stop responding while processing TCP traffic due to an issue in the SYN Cookie Protection feature. Note: Software versions which have reached End of Technical S...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
4
CVSSv2
CVE-2020-5947
In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP platforms, attackers may be able to obtain TCP sequence numbers from the BIG-IP system that can be reused in future connections with the same source and destination port and IP numbers. Only these platforms are aff...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Ssl Orchestrator
4.6
CVSSv2
CVE-2020-5855
When the Windows Logon Integration feature is configured for all versions of BIG-IP Edge Client for Windows, unauthorized users who have physical access to an authorized user's machine can get shell access under unprivileged user.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
2.1
CVSSv2
CVE-2020-5851
On impacted versions and platforms the Trusted Platform Module (TPM) system integrity check cannot detect modifications to specific system components. This issue only impacts specific engineering hotfixes and platforms. NOTE: This vulnerability does not affect any of the BIG-IP m...
F5 Big-ip Local Traffic Manager 14.1.0.2.0.45.4
F5 Big-ip Local Traffic Manager 14.1.0.2.0.62.4
F5 Big-ip Advanced Firewall Manager 14.1.0.2.0.45.4
F5 Big-ip Advanced Firewall Manager 14.1.0.2.0.62.4
F5 Big-ip Application Acceleration Manager 14.1.0.2.0.45.4
F5 Big-ip Application Acceleration Manager 14.1.0.2.0.62.4
F5 Big-ip Analytics 14.1.0.2.0.45.4
F5 Big-ip Analytics 14.1.0.2.0.62.4
F5 Big-ip Access Policy Manager 14.1.0.2.0.45.4
F5 Big-ip Access Policy Manager 14.1.0.2.0.62.4
F5 Big-ip Application Security Manager 14.1.0.2.0.45.4
F5 Big-ip Application Security Manager 14.1.0.2.0.62.4
F5 Big-ip Edge Gateway 14.1.0.2.0.45.4
F5 Big-ip Edge Gateway 14.1.0.2.0.62.4
F5 Big-ip Fraud Protection Service 14.1.0.2.0.45.4
F5 Big-ip Fraud Protection Service 14.1.0.2.0.62.4
F5 Big-ip Global Traffic Manager 14.1.0.2.0.45.4
F5 Big-ip Global Traffic Manager 14.1.0.2.0.62.4
F5 Big-ip Link Controller 14.1.0.2.0.45.4
F5 Big-ip Link Controller 14.1.0.2.0.62.4
F5 Big-ip Policy Enforcement Manager 14.1.0.2.0.45.4
F5 Big-ip Policy Enforcement Manager 14.1.0.2.0.62.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »