Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip application security manager 14.0.0 vulnerabilities and exploits
(subscribe to this query)
9.4
CVSSv3
CVE-2019-6665
On BIG-IP ASM 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, BIG-IQ 6.0.0 and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, an attacker with access to the device communication between the BIG-IP ASM Central Policy Builder and the BIG-IQ/Enterprise...
F5 Big-ip Application Security Manager
F5 Big-iq Centralized Management
F5 Big-iq Centralized Management 6.0.0
F5 Enterprise Manager 3.1.1
F5 Iworkflow 2.3.0
9.4
CVSSv3
CVE-2019-6644
Similar to the issue identified in CVE-2018-12120, on versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, and 12.1.0-12.1.4 BIG-IP will bind a debug nodejs process to all interfaces when invoked. This may expose the process to unauthorized users if the plugin is left in deb...
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 14.1.0
F5 Big-ip Local Traffic Manager 14.0.0
F5 Big-ip Advanced Firewall Manager 14.1.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 14.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 14.0.0
F5 Big-ip Application Acceleration Manager 14.1.0
F5 Big-ip Analytics 14.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 14.1.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.0.0
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 14.1.0
F5 Big-ip Application Security Manager 14.0.0
F5 Big-ip Edge Gateway 14.1.0
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 14.0.0
F5 Big-ip Fraud Protection Service
9.1
CVSSv3
CVE-2019-6649
F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 and Enterprise Manager 3.1.1 may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings.
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 14.0.0
F5 Big-ip Application Security Manager 15.0.0
F5 Big-ip Application Security Manager 14.1.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 14.0.0
F5 Big-ip Local Traffic Manager 14.1.0
F5 Big-ip Local Traffic Manager 15.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 14.0.0
F5 Big-ip Advanced Firewall Manager 14.1.0
F5 Big-ip Advanced Firewall Manager 15.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 14.0.0
F5 Big-ip Analytics 14.1.0
F5 Big-ip Analytics 15.0.0
F5 Big-ip Access Policy Manager 14.0.0
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Access Policy Manager 15.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Domain Name System
F5 Big-ip Domain Name System 14.0.0
9.1
CVSSv3
CVE-2019-6650
F5 BIG-IP ASM 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 may expose sensitive information and allow the system configuration to be modified when using non-default settings.
F5 Big-ip Application Security Manager 14.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 15.0.0
F5 Big-ip Application Security Manager 14.1.0
8.8
CVSSv3
CVE-2019-6642
In BIG-IP 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, and 11.5.2-11.6.4, BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, authenticated users with the ability to upload files (via scp, for example) can escalate their privileges to ...
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 15.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 15.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 15.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 15.0.0
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Policy Enforcement Manager 15.0.0
F5 Big-ip Webaccelerator
F5 Big-ip Webaccelerator 15.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 15.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 15.0.0
F5 Big-ip Fraud Protection Service
F5 Big-ip Fraud Protection Service 15.0.0
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 15.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 15.0.0
8.4
CVSSv3
CVE-2019-6636
On BIG-IP (AFM, ASM) 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, and 11.5.1-11.6.4, a stored cross-site scripting vulnerability in AFM feed list. In the worst case, an attacker can store a CSRF which results in code execution as the admin user. The level of ...
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Security Manager
7.8
CVSSv3
CVE-2019-6685
On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system comman...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
7.5
CVSSv3
CVE-2020-5949
On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, certain traffic pattern sent to a virtual server configured with an FTP profile can cause the FTP channel to break.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Ssl Orchestrator
7.5
CVSSv3
CVE-2020-5883
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, when a virtual server is configured with HTTP explicit proxy and has an attached HTTP_PROXY_REQUEST iRule, POST requests sent to the virtual server cause an xdata memory leak.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Webaccelerator
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Edge Gateway
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
7.5
CVSSv3
CVE-2020-5872
On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.4.1, when processing TLS traffic with hardware cryptographic acceleration enabled on platforms with Intel QAT hardware, the Traffic Management Microkernel (TMM) may stop responding and cause a failover eve...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »