Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor F5 Subscribe
Filtered by product Big-ip Policy Enforcement Manager
Total 407 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-6684 1 F5 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more 2020-08-24 5.0 MEDIUM 7.5 HIGH
On versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, under certain conditions, a multi-bladed BIG-IP Virtual Clustered Multiprocessing (vCMP) may drop broadcast packets when they are rebroadcast to the vCMP guest secondary blades. An attacker can leverage the fragmented broadcast IP packets to perform any type of fragmentation-based attack.
CVE-2014-4027 5 Canonical, F5, Linux and 2 more 26 Ubuntu Linux, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 23 more 2020-08-21 2.3 LOW N/A
The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.
CVE-2020-5904 1 F5 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more 2020-07-10 6.8 MEDIUM 8.8 HIGH
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a cross-site request forgery (CSRF) vulnerability in the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, exists in an undisclosed page.
CVE-2020-5873 1 F5 12 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 9 more 2020-05-11 6.5 MEDIUM 7.2 HIGH
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.1-11.6.5 and BIG-IQ 5.2.0-7.1.0, a user associated with the Resource Administrator role who has access to the secure copy (scp) utility but does not have access to Advanced Shell (bash) can execute arbitrary commands using a maliciously crafted scp request.
CVE-2020-5881 1 F5 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more 2020-05-07 5.0 MEDIUM 7.5 HIGH
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when the BIG-IP Virtual Edition (VE) is configured with VLAN groups and there are devices configured with OSPF connected to it, the Network Device Abstraction Layer (NDAL) Interfaces can lock up and in turn disrupting the communication between the mcpd and tmm processes.
CVE-2020-5880 1 F5 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more 2020-05-07 5.5 MEDIUM 7.1 HIGH
Om BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server.
CVE-2020-5882 1 F5 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more 2020-05-07 5.0 MEDIUM 7.5 HIGH
On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5, and 11.6.1-11.6.5.1, under certain conditions, the Intel QuickAssist Technology (QAT) cryptography driver may produce a Traffic Management Microkernel (TMM) core file.
CVE-2020-5875 1 F5 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more 2020-05-07 5.0 MEDIUM 7.5 HIGH
On BIG-IP 15.0.0-15.0.1 and 14.1.0-14.1.2.3, under certain conditions, the Traffic Management Microkernel (TMM) may generate a core file and restart while processing SSL traffic with an HTTP/2 full proxy.
CVE-2020-5872 1 F5 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more 2020-05-06 5.0 MEDIUM 7.5 HIGH
On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.4.1, when processing TLS traffic with hardware cryptographic acceleration enabled on platforms with Intel QAT hardware, the Traffic Management Microkernel (TMM) may stop responding and cause a failover event.
CVE-2020-5888 1 F5 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more 2020-05-06 3.3 LOW 8.1 HIGH
On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE) may expose a mechanism for adjacent network (layer 2) attackers to access local daemons and bypass port lockdown settings.
CVE-2020-5890 1 F5 12 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 9 more 2020-05-06 2.1 LOW 5.5 MEDIUM
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1 and BIG-IQ 5.2.0-7.1.0, when creating a QKView, credentials for binding to LDAP servers used for remote authentication of the BIG-IP administrative interface will not fully obfuscate if they contain whitespace.
CVE-2020-5878 1 F5 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more 2020-05-05 5.0 MEDIUM 7.5 HIGH
On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.3, Traffic Management Microkernel (TMM) may restart on BIG-IP Virtual Edition (VE) while processing unusual IP traffic.
CVE-2020-5871 1 F5 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more 2020-05-05 5.0 MEDIUM 7.5 HIGH
On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane exposure.
CVE-2020-5887 1 F5 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more 2020-05-04 6.4 MEDIUM 9.1 CRITICAL
On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE) may expose a mechanism for remote attackers to access local daemons and bypass port lockdown settings.
CVE-2020-5861 1 F5 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more 2020-04-01 5.0 MEDIUM 7.5 HIGH
On BIG-IP 12.1.0-12.1.5, the TMM process may produce a core file in some cases when Ram Cache incorrectly optimizes stored data resulting in memory errors.
CVE-2020-5852 1 F5 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more 2020-02-05 5.0 MEDIUM 7.5 HIGH
Undisclosed traffic patterns received may cause a disruption of service to the Traffic Management Microkernel (TMM). This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. This issue only impacts specific engineering hotfixes. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or maintenance releases you obtained from downloads.f5.com. The affected Engineering Hotfix builds are as follows: Hotfix-BIGIP-14.1.2.1.0.83.4-ENG Hotfix-BIGIP-12.1.4.1.0.97.6-ENG Hotfix-BIGIP-11.5.4.2.74.291-HF2
CVE-2020-5851 1 F5 28 Big-ip 2800, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 25 more 2020-01-29 2.1 LOW 4.6 MEDIUM
On impacted versions and platforms the Trusted Platform Module (TPM) system integrity check cannot detect modifications to specific system components. This issue only impacts specific engineering hotfixes and platforms. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or maintenance releases you obtained from downloads.f5.com. The affected Engineering Hotfix builds are as follows: Hotfix-BIGIP-14.1.0.2.0.45.4-ENG Hotfix-BIGIP-14.1.0.2.0.62.4-ENG
CVE-2014-5209 2 F5, Ntp 25 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 22 more 2020-01-24 5.0 MEDIUM 5.3 MEDIUM
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.
CVE-2018-14468 7 Apple, Debian, F5 and 4 more 23 Mac Os X, Debian Linux, Big-ip Access Policy Manager and 20 more 2020-01-20 5.0 MEDIUM 7.5 HIGH
The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().
CVE-2018-14880 7 Apple, Debian, F5 and 4 more 23 Mac Os X, Debian Linux, Big-ip Access Policy Manager and 20 more 2020-01-20 5.0 MEDIUM 7.5 HIGH
The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().