CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

F5 : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-6161 400 Bypass 2017-10-27 2017-11-16
2.9
None Local Network Medium Not required None None Partial
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. This vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack via resource exhaustion.
2 CVE-2021-23002 2021-03-31 2021-04-05
2.7
None Local Network Low ??? Partial None None
When using BIG-IP APM 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, or all 12.1.x and 11.6.x versions or Edge Client versions 7.2.1.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, or 7.1.8.x before 7.1.8.5, the session ID is visible in the arguments of the f5vpn.exe command when VPN is launched from the browser on a Windows system. Addressing this issue requires both the client and server fixes. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
3 CVE-2006-3550 XSS 2006-07-13 2018-10-18
2.6
None Remote High Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in F5 Networks FirePass 4100 5.x allow remote attackers to inject arbitrary web script or HTML via unspecified "writable form fields and hidden fields," including "authentication frontends."
4 CVE-2007-6704 79 XSS 2008-03-05 2018-10-15
2.6
None Remote High Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to (1) my.activation.php3 and (2) my.logon.php3.
5 CVE-2018-5537 20 2018-07-25 2018-09-19
2.6
None Remote High Not required None None Partial
A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 if the TMM virtual server is configured with a HTML or a Rewrite profile. TMM may restart while processing some specially prepared HTML content from the back end.
6 CVE-2020-5929 2020-09-25 2021-07-21
2.6
None Remote High Not required Partial None None
In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous (ADH) or Ephemeral (DHE) Diffie-Hellman key exchange and Single DH use option not enabled in the options list may be vulnerable to crafted SSL/TLS Handshakes that may result with a PMS (Pre-Master Secret) that starts in a 0 byte and may lead to a recovery of plaintext messages as BIG-IP TLS/SSL ADH/DHE sends different error messages acting as an oracle. Similar error messages when PMS starts with 0 byte coupled with very precise timing measurement observation may also expose this vulnerability.
7 CVE-2014-4027 200 +Info 2014-06-23 2020-08-21
2.3
None Local Network Medium ??? Partial None None
The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.
8 CVE-2018-5518 2018-05-02 2019-10-03
2.3
None Local Network Medium ??? None None Partial
On F5 BIG-IP 13.0.0-13.1.0.5 or 12.0.0-12.1.3.3, malicious root users with access to a VCMP guest can cause a disruption of service on adjacent VCMP guests running on the same host. Exploiting this vulnerability causes the vCMPd process on the adjacent VCMP guest to restart and produce a core file. This issue is only exploitable on a VCMP guest which is operating in "host-only" or "bridged" mode. VCMP guests which are "isolated" are not impacted by this issue and do not provide mechanism to exploit the vulnerability. Guests which are deployed in "Appliance Mode" may be impacted however the exploit is not possible from an Appliance Mode guest. To exploit this vulnerability root access on a guest system deployed as "host-only" or "bridged" mode is required.
9 CVE-2016-6249 200 +Info 2017-02-20 2017-07-25
2.1
None Local Low Not required Partial None None
F5 BIG-IP 12.0.0 and 11.5.0 - 11.6.1 REST requests which timeout during user account authentication may log sensitive attributes such as passwords in plaintext to /var/log/restjavad.0.log. It may allow local users to obtain sensitive information by reading these files.
10 CVE-2016-7474 200 +Info 2017-03-27 2019-06-06
2.1
None Local Low Not required Partial None None
In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information.
11 CVE-2017-6152 269 2018-03-08 2019-10-03
2.1
None Local Low Not required None Partial None
A local user on F5 BIG-IQ Centralized Management 5.1.0-5.2.0 with the Access Manager role has privileges to change the passwords of other users on the system, including the local admin account password.
12 CVE-2018-5540 732 2018-07-19 2019-10-03
2.1
None Local Low Not required Partial None None
On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.1.0-2.3.0 the big3d process does not irrevocably minimize group privileges at start up.
13 CVE-2018-15316 Bypass 2018-10-19 2019-10-03
2.1
None Local Low Not required None Partial None
In F5 BIG-IP APM 13.0.0-13.1.1.1, APM Client 7.1.5-7.1.6, and/or Edge Client 7101-7160, the BIG-IP APM Edge Client component loads the policy library with user permission and bypassing the endpoint checks.
14 CVE-2018-15333 434 2018-12-28 2019-10-23
2.1
None Local Low Not required Partial None None
On versions 11.2.1. and greater, unrestricted Snapshot File Access allows BIG-IP system's user with any role, including Guest Role, to have access and download previously generated and available snapshot files on the BIG-IP configuration utility such as QKView and TCPDumps.
15 CVE-2019-6601 269 2019-03-13 2020-08-24
2.1
None Local Low Not required Partial None None
In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application Acceleration Manager (AAM) wamd process used in processing of images and PDFs fails to drop group permissions when executing helper scripts.
16 CVE-2019-6632 310 2019-07-03 2021-07-21
2.1
None Local Low Not required Partial None None
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, under certain circumstances, attackers can decrypt configuration items that are encrypted because the vCMP configuration unit key is generated with insufficient randomness. The attack prerequisite is direct access to encrypted configuration and/or UCS files.
17 CVE-2019-6670 312 2019-11-27 2019-12-12
2.1
None Local Low Not required Partial None None
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5, vCMP hypervisors are incorrectly exposing the plaintext unit key for their vCMP guests on the filesystem.
18 CVE-2019-19151 269 2019-12-23 2019-12-31
2.1
None Local Low Not required Partial None None
On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Manager version 3.1.1, authenticated users granted TMOS Shell (tmsh) privileges are able access objects on the file system which would normally be disallowed by tmsh restrictions. This allows for authenticated, low privileged attackers to access objects on the file system which would not normally be allowed.
19 CVE-2020-5866 200 +Info 2020-04-23 2020-04-30
2.1
None Local Low Not required Partial None None
In versions of NGINX Controller prior to 3.3.0, the helper.sh script, which is used optionally in NGINX Controller to change settings, uses sensitive items as command-line arguments.
20 CVE-2020-5890 200 +Info 2020-04-30 2020-05-06
2.1
None Local Low Not required Partial None None
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1 and BIG-IQ 5.2.0-7.1.0, when creating a QKView, credentials for binding to LDAP servers used for remote authentication of the BIG-IP administrative interface will not fully obfuscate if they contain whitespace.
21 CVE-2020-5908 200 +Info 2020-07-01 2021-07-21
2.1
None Local Low Not required Partial None None
In versions bundled with BIG-IP APM 12.1.0-12.1.5 and 11.6.1-11.6.5.2, Edge Client for Linux exposes full session ID in the local log files.
22 CVE-2020-24347 125 2020-08-13 2022-04-15
2.1
None Local Low Not required None None Partial
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvlhsh_level_find in njs_lvlhsh.c.
23 CVE-2020-24348 125 2020-08-13 2022-04-15
2.1
None Local Low Not required None None Partial
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c.
24 CVE-2020-24349 416 2020-08-13 2022-07-12
2.1
None Local Low Not required None Partial None
njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface.
25 CVE-2021-23020 330 2021-06-01 2021-06-11
2.1
None Local Low Not required Partial None None
The NAAS 3.x before 3.10.0 API keys were generated using an insecure pseudo-random string and hashing algorithm which could lead to predictable keys.
26 CVE-2021-23021 732 2021-06-01 2021-06-11
2.1
None Local Low Not required Partial None None
The Nginx Controller 3.x before 3.7.0 agent configuration file /etc/controller-agent/agent.conf is world readable with current permission bits set to 644.
27 CVE-2022-27636 532 2022-05-05 2022-05-13
2.1
None Local Low Not required Partial None None
On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions prior to 7.2.1.5, BIG-IP Edge Client may log sensitive APM session-related information when VPN is launched on a Windows system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
28 CVE-2019-6648 532 2019-09-04 2019-10-09
1.9
None Local Medium Not required Partial None None
On version 1.9.0, If DEBUG logging is enable, F5 Container Ingress Service (CIS) for Kubernetes and Red Hat OpenShift (k8s-bigip-ctlr) log files may contain BIG-IP secrets such as SSL Private Keys and Private key Passphrases as provided as inputs by an AS3 Declaration.
29 CVE-2022-30535 20 2022-08-04 2022-08-10
0.0
None ??? ??? ??? ??? ??? ???
In versions 2.x before 2.3.0 and all versions of 1.x, An attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
30 CVE-2022-31473 22 Dir. Trav. Bypass 2022-08-04 2022-08-10
0.0
None ??? ??? ??? ??? ??? ???
In BIG-IP Versions 16.1.x before 16.1.1 and 15.1.x before 15.1.4, when running in Appliance mode, an authenticated attacker may be able to bypass Appliance mode restrictions due to a directory traversal vulnerability in an undisclosed page within iApps. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
31 CVE-2022-32455 119 Overflow 2022-08-04 2022-08-10
0.0
None ??? ??? ??? ??? ??? ???
In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when a BIG-IP LTM Client SSL profile is configured on a virtual server to perform client certificate authentication with session tickets enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
32 CVE-2022-33203 400 2022-08-04 2022-08-10
0.0
None ??? ??? ??? ??? ??? ???
In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when a BIG-IP APM access policy with Service Connect agent is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
33 CVE-2022-33947 502 2022-08-04 2022-08-10
0.0
None ??? ??? ??? ??? ??? ???
In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, a vulnerability exists in undisclosed pages of the BIG-IP DNS Traffic Management User Interface (TMUI) that allows an authenticated attacker with at least operator role privileges to cause the Tomcat process to restart and perform unauthorized DNS requests and operations through undisclosed requests. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
34 CVE-2022-33962 269 Bypass 2022-08-04 2022-08-10
0.0
None ??? ??? ??? ??? ??? ???
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, certain iRules commands may allow an attacker to bypass the access control restrictions for a self IP address, regardless of the port lockdown settings. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
35 CVE-2022-33968 125 2022-08-04 2022-08-10
0.0
None ??? ??? ??? ??? ??? ???
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, when an LTM monitor or APM SSO is configured on a virtual server, and NTLM challenge-response is in use, undisclosed traffic can cause a buffer over-read. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
36 CVE-2022-34027 2022-07-18 2022-07-25
0.0
None ??? ??? ??? ??? ??? ???
Nginx NJS v0.7.4 was discovered to contain a segmentation violation via njs_value_property at njs_value.c.
37 CVE-2022-34028 2022-07-18 2022-07-25
0.0
None ??? ??? ??? ??? ??? ???
Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_utf8_next at src/njs_utf8.h.
38 CVE-2022-34029 125 2022-07-18 2022-07-25
0.0
None ??? ??? ??? ??? ??? ???
Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h.
39 CVE-2022-34030 2022-07-18 2022-07-25
0.0
None ??? ??? ??? ??? ??? ???
Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_djb_hash at src/njs_djb_hash.c.
40 CVE-2022-34031 2022-07-18 2022-07-25
0.0
None ??? ??? ??? ??? ??? ???
Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_value_to_number at src/njs_value_conversion.h.
41 CVE-2022-34032 2022-07-18 2022-07-25
0.0
None ??? ??? ??? ??? ??? ???
Nginx NJS v0.7.5 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c.
42 CVE-2022-34651 476 2022-08-04 2022-08-10
0.0
None ??? ??? ??? ??? ??? ???
In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, when an LTM Client or Server SSL profile with TLS 1.3 enabled is configured on a virtual server, along with an iRule that calls HTTP::respond, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
43 CVE-2022-34655 908 2022-08-04 2022-08-10
0.0
None ??? ??? ??? ??? ??? ???
In BIG-IP Versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when an iRule containing the HTTP::payload command is configured on a virtual server, undisclosed traffic can cause Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
44 CVE-2022-34844 2022-08-04 2022-08-10
0.0
None ??? ??? ??? ??? ??? ???
In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, and all versions of BIG-IQ 8.x, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP or BIG-IQ on Amazon Web Services (AWS) systems, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Successful exploitation relies on conditions outside of the attacker's control. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
45 CVE-2022-34851 20 2022-08-04 2022-08-10
0.0
None ??? ??? ??? ??? ??? ???
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ Centralized Management all versions of 8.x, an authenticated attacker may cause iControl SOAP to become unavailable through undisclosed requests. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
46 CVE-2022-34862 835 2022-08-04 2022-08-10
0.0
None ??? ??? ??? ??? ??? ???
In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when an LTM virtual server is configured to perform normalization, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
47 CVE-2022-34865 295 2022-08-04 2022-08-10
0.0
None ??? ??? ??? ??? ??? ???
In BIG-IP Versions 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, Traffic Intelligence feeds, which use HTTPS, do not verify the remote endpoint identity, allowing for potential data poisoning. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
48 CVE-2022-35236 400 2022-08-04 2022-08-10
0.0
None ??? ??? ??? ??? ??? ???
In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when an HTTP2 profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
49 CVE-2022-35240 404 2022-08-04 2022-08-10
0.0
None ??? ??? ??? ??? ??? ???
In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when the Message Routing (MR) Message Queuing Telemetry Transport (MQTT) profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
50 CVE-2022-35241 400 2022-08-04 2022-08-10
0.0
None ??? ??? ??? ??? ??? ???
In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Total number of vulnerabilities : 55   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.