Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip access policy manager 14.0.0 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2018-5536
A remote attacker via undisclosed measures, may be able to exploit an F5 BIG-IP APM 13.0.0-13.1.0.7 or 12.1.0-12.1.3.5 virtual server configured with an APM per-request policy object and cause a memory leak in the APM module.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.0.0
445
VMScore
CVE-2019-6596
In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, 12.1.0-12.1.3.6, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, when processing fragmented ClientHello messages in a DTLS session TMM may corrupt memory eventually leading to a crash. Only systems offering DTLS connections via APM are impacted.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.0.0
801
VMScore
CVE-2019-6610
On BIG-IP versions 14.0.0-14.0.0.4, 13.0.0-13.1.1.1, 12.1.0-12.1.4, 11.6.0-11.6.3.4, and 11.5.1-11.5.8, the system is vulnerable to a denial of service attack when performing URL classification.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.0.0
445
VMScore
CVE-2018-5535
On F5 BIG-IP 14.0.0, 13.0.0-13.1.0, 12.1.0-12.1.3, or 11.5.1-11.6.3 specifically crafted HTTP responses, when processed by a Virtual Server with an associated QoE profile that has Video enabled, may cause TMM to incorrectly buffer response data causing the TMM to restart resultin...
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 14.0.0
F5 Big-ip Application Acceleration Manager 14.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager 14.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Analytics 14.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 14.0.0
F5 Big-ip Domain Name System 14.0.0
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway 14.0.0
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Fraud Protection Service 14.0.0
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 14.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 14.0.0
383
VMScore
CVE-2019-6604
On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 14.0.0
F5 Big-ip Application Acceleration Manager 14.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 14.0.0
F5 Big-ip Fraud Protection Service 14.0.0
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 14.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 14.0.0
F5 Big-ip Local Traffic Manager 14.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager 14.0.0
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Protocol Security Module
F5 Big-ip Protocol Security Manager
F5 Big-ip Protocol Security Manager 14.0.0
F5 Big-ip Webaccelerator
445
VMScore
CVE-2018-15328
On BIG-IP 14.0.x, 13.x, 12.x, and 11.x, Enterprise Manager 3.1.1, BIG-IQ 6.x, 5.x, and 4.x, and iWorkflow 2.x, the passphrases for SNMPv3 users and trap destinations that are used for authentication and privacy are not handled by the BIG-IP system Secure Vault feature; they are w...
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics 14.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway 14.0.0
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager 14.0.0
F5 Big-ip Webaccelerator
F5 Big-ip Advanced Firewall Manager 14.0.0
F5 Big-ip Analytics
F5 Big-ip Domain Name System 14.0.0
F5 Big-ip Edge Gateway
F5 Big-ip Link Controller 14.0.0
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 14.0.0
F5 Big-ip Access Policy Manager 14.0.0
F5 Big-ip Fraud Protection Service 14.0.0
F5 Big-ip Global Traffic Manager
605
VMScore
CVE-2019-6644
Similar to the issue identified in CVE-2018-12120, on versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, and 12.1.0-12.1.4 BIG-IP will bind a debug nodejs process to all interfaces when invoked. This may expose the process to unauthorized users if the plugin is left in deb...
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 14.1.0
F5 Big-ip Local Traffic Manager 14.0.0
F5 Big-ip Advanced Firewall Manager 14.1.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 14.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 14.0.0
F5 Big-ip Application Acceleration Manager 14.1.0
F5 Big-ip Analytics 14.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 14.1.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.0.0
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 14.1.0
F5 Big-ip Application Security Manager 14.0.0
F5 Big-ip Edge Gateway 14.1.0
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 14.0.0
F5 Big-ip Fraud Protection Service
445
VMScore
CVE-2019-6643
On versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1.4.1, and 11.5.2-11.6.4, an attacker sending specifically crafted DHCPv6 requests through a BIG-IP virtual server configured with a DHCPv6 profile may be able to cause the TMM process to produce a core file.
F5 Big-ip Local Traffic Manager 14.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 14.1.0
F5 Big-ip Advanced Firewall Manager 14.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 14.1.0
F5 Big-ip Application Acceleration Manager 14.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 14.1.0
F5 Big-ip Analytics 14.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 14.1.0
F5 Big-ip Access Policy Manager 14.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Application Security Manager 14.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 14.1.0
F5 Big-ip Edge Gateway 14.0.0
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 14.1.0
F5 Big-ip Fraud Protection Service 14.0.0
445
VMScore
CVE-2019-6645
On BIG-IP 14.0.0-14.1.0.5, 13.0.0-13.1.2, 12.1.0-12.1.4.1, 11.5.2-11.6.4, FTP traffic passing through a Virtual Server with both an active FTP profile associated and connection mirroring configured may lead to a TMM crash causing the configured HA action to be taken.
F5 Big-ip Local Traffic Manager 14.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 14.1.0
F5 Big-ip Advanced Firewall Manager 14.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 14.1.0
F5 Big-ip Application Acceleration Manager 14.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 14.1.0
F5 Big-ip Analytics 14.0.0
F5 Big-ip Analytics
F5 Big-ip Analytics 14.1.0
F5 Big-ip Access Policy Manager 14.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Application Security Manager 14.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 14.1.0
F5 Big-ip Edge Gateway 14.0.0
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 14.1.0
F5 Big-ip Fraud Protection Service 14.0.0
383
VMScore
CVE-2019-6647
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1.4.1, 11.5.2-11.6.4, when processing authentication attempts for control-plane users MCPD leaks a small amount of memory. Under rare conditions attackers with access to the management interface could eventually...
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 14.0.0
F5 Big-ip Local Traffic Manager 14.1.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 14.0.0
F5 Big-ip Advanced Firewall Manager 14.1.0
F5 Big-ip Application Acceleration Manager 14.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 14.1.0
F5 Big-ip Analytics 14.1.0
F5 Big-ip Analytics
F5 Big-ip Analytics 14.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.0.0
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 14.0.0
F5 Big-ip Application Security Manager 14.1.0
F5 Big-ip Edge Gateway 14.1.0
F5 Big-ip Edge Gateway
F5 Big-ip Edge Gateway 14.0.0
F5 Big-ip Fraud Protection Service
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »