F5

Big-ip Access Policy Manager

623 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.44%
  • Veröffentlicht 08.05.2024 15:15:09
  • Zuletzt bearbeitet 21.10.2025 19:28:04

When an SSL profile with alert timeout is configured with a non-default value on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Soft...

  • EPSS 0.58%
  • Veröffentlicht 08.05.2024 15:15:09
  • Zuletzt bearbeitet 21.10.2025 11:39:36

A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user.  Note: Software versions which have reached...

  • EPSS 0.52%
  • Veröffentlicht 08.05.2024 15:15:08
  • Zuletzt bearbeitet 21.10.2025 11:40:17

When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

  • EPSS 0.27%
  • Veröffentlicht 08.05.2024 15:15:08
  • Zuletzt bearbeitet 21.10.2025 19:28:16

A DOM-based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user.  Note: Software versions which have reac...

Medienbericht Exploit
  • EPSS 4.06%
  • Veröffentlicht 06.05.2024 19:15:11
  • Zuletzt bearbeitet 15.01.2025 16:50:28

DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local...

  • EPSS 0.17%
  • Veröffentlicht 14.02.2024 17:15:14
  • Zuletzt bearbeitet 05.09.2025 15:51:32

When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions utilizing iAppsLX templates on a BIG-IP system.  Note: Software versions which have reached End of Technical S...

  • EPSS 0.34%
  • Veröffentlicht 14.02.2024 17:15:14
  • Zuletzt bearbeitet 23.01.2025 19:53:16

When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point (CRLDP) authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. Note: Software version...

  • EPSS 0.52%
  • Veröffentlicht 14.02.2024 17:15:14
  • Zuletzt bearbeitet 23.01.2025 19:53:31

When a virtual server is enabled with VLAN group and SNAT listener is configured, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not...

  • EPSS 0.52%
  • Veröffentlicht 14.02.2024 17:15:13
  • Zuletzt bearbeitet 23.01.2025 19:52:38

When HTTP/2 is configured on BIG-IP or BIG-IP Next SPK systems, undisclosed responses can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

  • EPSS 0.18%
  • Veröffentlicht 14.02.2024 17:15:12
  • Zuletzt bearbeitet 23.01.2025 19:47:50

BIG-IP or BIG-IQ Resource Administrators and Certificate Managers who have access to the secure copy (scp) utility but do not have access to Advanced shell (bash) can execute arbitrary commands with a specially crafted command string. This vulnerabil...