F5

Big-ip Application Acceleration Manager

444 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2021-23004

  • EPSS 0.65%
  • Published 31.03.2021 18:15:15
  • Last modified 21.11.2024 05:51:08

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, Multipath TCP (MPTCP) forwarding flows may be created on standard virtual servers wit...

5.3

CVE-2021-23007

Exploit
  • EPSS 0.73%
  • Published 31.03.2021 18:15:15
  • Last modified 21.11.2024 05:51:08

On BIG-IP versions 14.1.4 and 16.0.1.1, when the Traffic Management Microkernel (TMM) process handles certain undisclosed traffic, it may start dropping all fragmented IP traffic. Note: Software versions which have reached End of Software Development...

9.8

CVE-2021-22991

Warning
  • EPSS 70.78%
  • Published 31.03.2021 18:15:14
  • Last modified 02.04.2025 19:09:27

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3, undisclosed requests to a virtual server may be incorrectly handled by the Traffic Management Microkernel (TM...

6.1

CVE-2021-22994

  • EPSS 0.32%
  • Published 31.03.2021 18:15:14
  • Last modified 21.11.2024 05:51:05

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could ...

9.8

CVE-2021-22992

  • EPSS 7.78%
  • Published 31.03.2021 17:15:13
  • Last modified 21.11.2024 05:51:05

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, a malicious HTTP response to an Advanced WAF/BIG-IP ASM virtual server with Login Pag...

9.9

CVE-2021-22987

  • EPSS 1.77%
  • Published 31.03.2021 17:15:12
  • Last modified 21.11.2024 05:51:04

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3 when running in Appliance mode, the Traffic Management User Interface (TMUI), also ref...

9.1

CVE-2021-22989

  • EPSS 1.37%
  • Published 31.03.2021 17:15:12
  • Last modified 21.11.2024 05:51:04

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, when running in Appliance mode with Advanced WAF or BIG-IP ASM provisioned, the TMUI,...

9

CVE-2021-22990

  • EPSS 1.84%
  • Published 31.03.2021 17:15:12
  • Last modified 21.11.2024 05:51:04

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, on systems with Advanced WAF or BIG-IP ASM provisioned, the Traffic Management User I...

10

CVE-2021-22986

Warning Exploit
  • EPSS 94.47%
  • Published 31.03.2021 15:15:15
  • Last modified 02.04.2025 19:09:11

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3 amd BIG-IQ 7.1.0.x before 7.1.0.3 and 7.0.0.x before 7.0.0.2, the iControl REST interface has an unauthenticat...

9

CVE-2021-22988

  • EPSS 2.38%
  • Published 31.03.2021 15:15:15
  • Last modified 21.11.2024 05:51:04

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, TMUI, also referred to as the Configuration utility, has an authenticated remote comm...