Latest f5 big-iq centralized management Vulnerabilities

F5-K000138990
The DNS message parsing code in `named` includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may caus...
F5 BIG-IP>=17.1.0<=17.1.1
F5 BIG-IP>=16.1.0<=16.1.4
F5 BIG-IP>=15.1.0<=15.1.10
F5 BIG-IQ Centralized Management>=8.1.0<=8.3.0
F5-K000138827
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For exampl...
F5 BIG-IP Next (LTM, WAF)>=20.0.1<=20.1.0
F5 BIG-IP Next Central Manager>=20.0.1<=20.1.0
F5 BIG-IP>=17.1.0<=17.1.1
F5 BIG-IP>=16.1.0<=16.1.4
F5 BIG-IP>=15.1.0<=15.1.10
F5 BIG-IQ Centralized Management>=8.1.0<=8.3.0
and 3 more
F5-K000138650
This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that the...
F5 BIG-IP Next>=20.0.1<=20.0.2
F5 BIG-IP Next Central Manager>=20.0.1<=20.0.2
F5 BIG-IP Next SPK>=1.7.0<=1.9.1
F5 BIG-IP Next CNF>=1.1.0<=1.2.1
F5 BIG-IP>=17.1.0<=17.1.1
F5 BIG-IP>=16.1.0<=16.1.4
and 2 more
F5-K000138649
CVE-2023-5981 A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. CVE-20...
F5 BIG-IP Next>=20.0.1<=20.0.2
F5 BIG-IP Next Central Manager>=20.0.1<=20.0.2
F5 BIG-IP Next SPK>=1.5.0<=1.9.1
F5 BIG-IP Next CNF>=1.1.0<=1.3.0
F5 BIG-IP>=17.1.0<=17.1.1
F5 BIG-IP>=16.1.0<=16.1.4
and 5 more
CVE-2024-21782
BIG-IP and BIG-IQ secure copy vulnerability
F5 BIG-IP=17.1.0
F5 BIG-IP>=16.1.0<=16.1.3
F5 BIG-IP>=15.1.0<=15.1.8
F5 BIG-IQ Centralized Management>=8.0.0<=8.3.0
F5-K98606833
BIG-IP or BIG-IQ Resource Administrators and Certificate Managers who have access to the secure copy (scp) utility but do not have access to Advanced Shell (bash) can execute arbitrary commands with a...
F5 BIG-IP=17.1.0
F5 BIG-IP>=16.1.0<=16.1.3
F5 BIG-IP>=15.1.0<=15.1.8
F5 BIG-IQ Centralized Management>=8.0.0<=8.3.0
CVE-2024-0553
Gnutls: incomplete fix for cve-2023-5981
Gnu Gnutls<3.8.3
Fedoraproject Fedora=39
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
redhat/gnutls<3.8.3
debian/gnutls28<=3.6.7-4+deb10u8<=3.7.1-5+deb11u4<=3.7.1-5+deb11u3
and 17 more
F5-K000138219
An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory.
F5 BIG-IP>=17.1.0<=17.1.1
F5 BIG-IP>=16.1.0<=16.1.4
F5 BIG-IP>=15.1.0<=15.1.10
F5 BIG-IQ Centralized Management>=8.0.0<=8.3.0
F5 F5OS-A=1.5.0=1.4.0>=1.3.0<=1.3.2
F5 F5OS-C=1.6.0>=1.5.0<=1.5.1
CVE-2023-46218
This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that the...
Haxx Curl>=7.46.0<=8.4.0
Fedoraproject Fedora=39
redhat/curl<8.5.0
ubuntu/curl<7.58.0-2ubuntu3.24+
ubuntu/curl<7.68.0-1ubuntu2.21
ubuntu/curl<7.81.0-1ubuntu1.15
and 13 more
CVE-2023-5981
Gnutls: timing side-channel in the rsa-psk authentication
redhat/GnuTLS<3.8.2
Gnu Gnutls=1.5.0
Redhat Linux=8.0
Redhat Linux=9.0
Fedoraproject Fedora=37
Fedoraproject Fedora=38
and 18 more
F5-K20850144
The BIG-IP and BIG-IQ systems do not encrypt the values of two Database (DB) variables, a password used for a proxy server connection and a RADIUS/TACACS+ shared secret.
F5 BIG-IP
F5 BIG-IP>=16.1.0<=16.1.3
F5 BIG-IP>=15.1.0<=15.1.8
F5 BIG-IP>=14.1.0<=14.1.5
F5 BIG-IP>=13.1.0<=13.1.5
F5 BIG-IQ Centralized Management>=8.0.0<=8.3.0
CVE-2023-41964
The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB) variables.  Note: Software versions which have reached End of Technical Support (EoTS) are not evalua...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.5
and 77 more
CVE-2023-43485
When TACACS+ audit forwarding is configured on BIG-IP or BIG-IQ system, sharedsecret is logged in plaintext in the audit log.  Note: Software versions which have reached End of Technical Support (EoT...
F5 BIG-IQ Centralized Management>=8.0.0<8.2.0.1.0.13.97-eng
F5 BIG-IQ Centralized Management>=8.3.0<8.3.0.0.12.118-eng
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
and 74 more
F5-K06110200
When TACACS+ audit forwarding is configured on a BIG-IP or BIG-IQ system, shared secret is logged in plaintext in the audit log.
F5 BIG-IP
F5 BIG-IP>=16.1.0<=16.1.3
F5 BIG-IP>=15.1.0<=15.1.8
F5 BIG-IP>=14.1.0<=14.1.5
F5 BIG-IP>=13.1.0<=13.1.5
F5 BIG-IQ Centralized Management>=8.0.0<=8.3.0
CVE-2020-22218
An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory.
Libssh2 Libssh2=1.10.0
redhat/libssh2<1.10.0
redhat/libssh2<1.11.0
IBM QRadar SIEM<=7.5 - 7.5.0 UP7
ubuntu/libssh2<1.8.0-1ubuntu0.1
ubuntu/libssh2<1.8.0-2.1ubuntu0.1
and 9 more
F5-K000133472
An authenticated attacker with guest privileges or higher can cause the iControl SOAP process to terminate by sending undisclosed requests.
F5 BIG-IP>=17.0.0<=17.1.0
F5 BIG-IP>=16.1.0<=16.1.3
F5 BIG-IP>=15.1.0<=15.1.9
F5 BIG-IP>=14.1.0<=14.1.5
F5 BIG-IP>=13.1.0<=13.1.5
F5 BIG-IQ Centralized Management>=8.2.0<=8.3.0
CVE-2023-38419
An authenticated attacker with guest privileges or higher can cause the iControl SOAP process to terminate by sending undisclosed requests.
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.5
F5 BIG-IP Access Policy Manager>=17.0.0<17.1.0.2
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 96 more
F5-K000132719
An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ system can upload arbitrary files using an undisclosed iControl REST endpoint.
F5 BIG-IQ Centralized Management>=8.0.0<=8.2.0
CVE-2023-29240
An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ can upload arbitrary files using an undisclosed iControl REST endpoint.  Note: Software versions which have reached End of Techn...
F5 BIG-IQ Centralized Management>=8.0.0<8.3.0
F5 BIG-IQ Centralized Management>=8.0.0<=8.2.0
CVE-2022-41622
In all versions, BIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: Software versions which have reached End of Technical Support (EoTS) are not...
F5 BIG-IQ Centralized Management>=8.0.0<=8.2.0
F5 BIG-IQ Centralized Management=7.1.0
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.5
F5 BIG-IP Advanced Firewall Manager>=15.1.0<=15.1.8
F5 BIG-IP Advanced Firewall Manager>=16.1.0<=16.1.3
and 51 more
CVE-2022-41770
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ all versions of 8.x and 7.x, an authenticated iC...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.1
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.7
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.1
F5 BIG-IP Access Policy Manager>=17.0.0<17.0.0.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 51 more
CVE-2022-35728
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ version 8.x before 8.2.0 and all versions of 7...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.1
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.6.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.1
F5 BIG-IP Access Policy Manager=17.0.0
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 53 more
CVE-2022-34844
In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, and all versions of BIG-IQ 8.x, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-I...
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.6.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.1
F5 BIG-IP Advanced Firewall Manager>=15.1.0<15.1.6.1
F5 BIG-IP Advanced Firewall Manager>=16.1.0<16.1.3.1
F5 BIG-IP Analytics>=15.1.0<15.1.6.1
F5 BIG-IP Analytics>=16.1.0<16.1.3.1
and 21 more
CVE-2022-34851
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ Centralized Management all versions of 8.x, an...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.1
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.6.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.1
F5 BIG-IP Access Policy Manager=17.0.0
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 50 more
CVE-2022-29479
On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, and F5 BIG-IQ Centralized Management all vers...
F5 BIG-IP Access Policy Manager=11.6.1
F5 BIG-IP Access Policy Manager=11.6.2
F5 BIG-IP Access Policy Manager=11.6.3
F5 BIG-IP Access Policy Manager=11.6.4
F5 BIG-IP Access Policy Manager=11.6.5
F5 BIG-IP Access Policy Manager=12.1.0
and 340 more
CVE-2022-26340
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, and F5 BIG...
F5 BIG-IP Access Policy Manager=11.6.1
F5 BIG-IP Access Policy Manager=11.6.2
F5 BIG-IP Access Policy Manager=11.6.3
F5 BIG-IP Access Policy Manager=11.6.4
F5 BIG-IP Access Policy Manager=11.6.5
F5 BIG-IP Access Policy Manager=12.1.0
and 337 more
CVE-2022-23009
F5 BIG-IQ Centralized Management=8.0.0
CVE-2022-23023
On BIG-IP version 16.1.x before 16.1.2.1, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all versions of 13.1.x and 12.1.x, and BIG-IQ all versions of 8.x and 7.x, undisclosed requests by an authen...
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.4
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.4
F5 BIG-IP Access Policy Manager>=15.1.0<=15.1.4
F5 BIG-IP Access Policy Manager>=16.1.0<=16.1.2
F5 BIG-IP Advanced Firewall Manager>=12.1.0<=12.1.5
and 66 more
CVE-2002-20001
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-expo...
Balasys Dheater
SUSE Linux Enterprise Server=15
SUSE Linux Enterprise Server=11
SUSE Linux Enterprise Server=12
F5 BIG-IQ Centralized Management=7.1.0
F5 BIG-IQ Centralized Management>=8.0.0<=8.2.0
and 80 more
CVE-2021-23026
BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x and all versions of BIG-IQ 8.x, 7.x, and 6.x are vuln...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.4
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.4
F5 BIG-IP Access Policy Manager>=15.1.0<=15.1.2
F5 BIG-IP Access Policy Manager>=16.0.0<=16.0.1.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.4
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.4
and 53 more
CVE-2021-23024
On version 8.0.x before 8.0.0.1, and all 6.x and 7.x versions, the BIG-IQ Configuration utility has an authenticated remote command execution vulnerability in undisclosed pages. Note: Software version...
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management>=7.0.0<=7.1.0
F5 BIG-IQ Centralized Management>=8.0.0<8.0.0.1
CVE-2021-23006
On all 7.x and 6.x versions (fixed in 8.0.0), undisclosed BIG-IQ pages have a reflected cross-site scripting vulnerability. Note: Software versions which have reached End of Software Development (EoSD...
F5 BIG-IQ Centralized Management>=6.0.0<8.0.0
CVE-2021-22997
On all 7.x and 6.x versions (fixed in 8.0.0), BIG-IQ HA ElasticSearch service does not implement any form of authentication for the clustering transport services, and all data used by ElasticSearch fo...
F5 BIG-IQ Centralized Management>=6.0.0<8.0.0
CVE-2021-22996
On all 7.x versions (fixed in 8.0.0), when set up for auto failover, a BIG-IQ Data Collection Device (DCD) cluster member that receives an undisclosed message may cause the corosync process to abort. ...
F5 BIG-IQ Centralized Management>=7.0.0<8.0.0
CVE-2021-22995
On all 7.x and 6.x versions (fixed in 8.0.0), BIG-IQ high availability (HA) when using a Quorum device for automatic failover does not implement any form of authentication with the Corosync daemon. No...
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management>=7.0.0<=7.1.0
CVE-2021-22986
F5 BIG-IP and BIG-IQ Centralized Management iControl REST Remote Code Execution Vulnerability
F5 BIG-IP Access Policy Manager>=12.1.0<12.1.5.3
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.6
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.4
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.2.1
F5 BIG-IP Access Policy Manager>=16.0.0<16.0.1.1
F5 BIG-IP Advanced Firewall Manager>=12.1.0<12.1.5.3
and 68 more
CVE-2021-22974
On BIG-IP version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6 and all versions of BIG-IQ 7.x and 6.x, an authenticated attacker with access to iCon...
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.6
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.3.1
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.2
F5 BIG-IP Access Policy Manager>=16.0.0<16.0.1.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<13.1.3.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.3.1
and 52 more
CVE-2020-5944
In BIG-IQ 7.1.0, accessing the DoS Summary events and DNS Overview pages in the BIG-IQ system interface returns an error message due to disabled Grafana reverse proxy in web service configuration. F5 ...
F5 BIG-IQ Centralized Management>=7.1.0<7.1.0.1
CVE-2020-5930
In BIG-IP 15.0.0-15.1.0.4, 14.1.0-14.1.2.7, 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 and BIG-IQ 5.2.0-7.1.0, unauthenticated attackers can cause disruption of service via undisclosed meth...
F5 BIG-IP Access Policy Manager>=11.6.1<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.4
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.2.8
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.0.5
F5 BIG-IP Advanced Firewall Manager>=11.6.1<=11.6.5
and 62 more
CVE-2020-5923
In BIG-IP versions 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1 and BIG-IQ versions 5.4.0-7.0.0, Self-IP port-lockdown bypass via IPv6 link-local addresses.
F5 BIG-IP Access Policy Manager>=11.6.1<11.6.5.2
F5 BIG-IP Access Policy Manager>=12.1.0<12.1.5.2
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.4
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.2.7
F5 BIG-IP Access Policy Manager>=15.0.0<15.1.0.5
F5 BIG-IP Advanced Firewall Manager>=11.6.1<11.6.5.2
and 52 more
CVE-2020-5917
F5 BIG-IP Access Policy Manager>=11.6.1<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<12.1.5.2
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.3
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.2.4
F5 BIG-IP Access Policy Manager>=15.0.0<15.0.1.4
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.0.5
and 63 more
CVE-2020-5873
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.1-11.6.5 and BIG-IQ 5.2.0-7.1.0, a user associated with the Resource Administrator role who has access to the secure ...
F5 BIG-IP Access Policy Manager>=11.6.1<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.3.1
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.2.3
F5 BIG-IP Access Policy Manager>=15.0.0<=15.0.1
F5 BIG-IQ Centralized Management>=5.2.0<=5.4.0
and 52 more
CVE-2020-5870
In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization mechanisms do not use any form of authentication for connecting to the peer.
F5 BIG-IQ Centralized Management>=5.2.0<=5.4.0
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management>=7.0.0<7.1.0
CVE-2020-5869
In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization is not secure by TLS and may allow on-path attackers to read / modify confidential data in transit.
F5 BIG-IQ Centralized Management>=5.2.0<=5.4.0
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management>=7.0.0<7.1.0
CVE-2020-5868
In BIG-IQ 6.0.0-7.0.0, a remote access vulnerability has been discovered that may allow a remote user to execute shell commands on affected systems using HTTP requests to the BIG-IQ user interface.
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management=7.0.0
CVE-2020-5860
On BIG-IP 15.0.0-15.1.0.2, 14.1.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5.1, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, in a High Availability (HA) network failover in Device...
F5 BIG-IQ Centralized Management>=5.2.0<=5.4.0
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management=7.0.0
F5 BIG-IP Access Policy Manager>=11.5.2<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.3
and 52 more
CVE-2020-5858
On BIG-IP 15.0.0-15.0.1.2, 14.1.0-14.1.2.2, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, users with non-administrator roles (for example, Guest o...
F5 BIG-IQ Centralized Management>=5.2.0<=5.4.0
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management=7.0.0
F5 BIG-IP Access Policy Manager>=11.5.2<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.3
and 62 more
CVE-2020-5854
On BIG-IP 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.0-11.6.5.1, the tmm crashes under certain circumstances when using the connector profile if a specif...
F5 BIG-IP Access Policy Manager>=11.5.2<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<12.1.5.1
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.2
F5 BIG-IP Access Policy Manager>=14.0.0<14.0.1.1
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.2.1
F5 BIG-IP Access Policy Manager>=15.0.0<15.1.0
and 78 more
CVE-2014-5209
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.
NTP ntp=4.2.7-p25
F5 BIG-IP Access Policy Manager>=10.2.1<=10.2.4
F5 BIG-IP Access Policy Manager>=11.4.0<=11.6.4
F5 BIG-IP Access Policy Manager>=12.0.0<=12.1.4
F5 BIG-IP Access Policy Manager>=13.0.0<=13.1.1
F5 BIG-IP Access Policy Manager>=14.0.0<=14.1.0
and 71 more
CVE-2019-19151
On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Man...
F5 BIG-IQ Centralized Management>=5.0.0<=5.4.0
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management=7.0.0
F5 BIG-IP Access Policy Manager>=11.5.1<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.0.0<=13.1.3
and 64 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203