Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor F5 Subscribe
Filtered by product Big-ip Domain Name System
Total 347 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-5020 1 F5 14 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 11 more 2019-06-06 9.0 HIGH 8.8 HIGH
F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script.
CVE-2016-1497 1 F5 14 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 11 more 2019-06-06 4.0 MEDIUM 4.9 MEDIUM
The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors.
CVE-2015-8099 1 F5 21 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 18 more 2019-06-06 4.3 MEDIUM 5.9 MEDIUM
F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment.
CVE-2016-9252 1 F5 14 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 11 more 2019-06-06 5.0 MEDIUM 7.5 HIGH
The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service (DoS) through unspecified vectors.
CVE-2016-9250 1 F5 14 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 11 more 2019-06-06 5.0 MEDIUM 7.5 HIGH
In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, an unauthenticated user with access to the control plane may be able to delete arbitrary files through an undisclosed mechanism.
CVE-2016-7474 1 F5 14 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 11 more 2019-06-06 2.1 LOW 5.5 MEDIUM
In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information.
CVE-2015-4047 5 Canonical, Debian, F5 and 2 more 25 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 22 more 2019-03-27 7.8 HIGH N/A
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.
CVE-2018-15319 1 F5 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more 2019-03-05 7.8 HIGH 7.5 HIGH
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies.
CVE-2019-6592 1 F5 12 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 9 more 2019-02-28 6.4 MEDIUM 9.1 CRITICAL
On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file when validating SSL certificates in client SSL or server SSL profiles.
CVE-2019-6589 1 F5 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more 2019-02-14 4.3 MEDIUM 6.1 MEDIUM
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, and 11.6.0-11.6.3.2, a reflected Cross Site Scripting (XSS) vulnerability is present in an undisclosed page of the BIG-IP TMUI (Traffic Management User Interface) also known as the BIG-IP configuration utility.
CVE-2018-15330 1 F5 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more 2019-01-10 7.8 HIGH 7.5 HIGH
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, when a virtual server using the inflate functionality to process a gzip bomb as a payload, the BIG-IP system will experience a fatal error and may cause the Traffic Management Microkernel (TMM) to produce a core file.
CVE-2018-15328 1 F5 16 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 13 more 2019-01-09 5.0 MEDIUM 7.5 HIGH
On BIG-IP 14.0.x, 13.x, 12.x, and 11.x, Enterprise Manager 3.1.1, BIG-IQ 6.x, 5.x, and 4.x, and iWorkflow 2.x, the passphrases for SNMPv3 users and trap destinations that are used for authentication and privacy are not handled by the BIG-IP system Secure Vault feature; they are written in the clear to the various configuration files.
CVE-2018-15318 1 F5 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more 2018-12-14 7.8 HIGH 7.5 HIGH
In BIG-IP 14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1, or 12.1.3.4-12.1.3.6, If an MPTCP connection receives an abort signal while the initial flow is not the primary flow, the initial flow will remain after the closing procedure is complete. TMM may restart and produce a core file as a result of this condition.
CVE-2018-15325 1 F5 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more 2018-12-11 4.0 MEDIUM 4.3 MEDIUM
In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, iControl and TMSH usage by authenticated users may leak a small amount of memory when executing commands
CVE-2018-15323 1 F5 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more 2018-12-11 4.3 MEDIUM 5.9 MEDIUM
On BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1, in certain circumstances, when processing traffic through a Virtual Server with an associated MQTT profile, the TMM process may produce a core file and take the configured HA action.
CVE-2018-5535 1 F5 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more 2018-12-05 5.0 MEDIUM 7.5 HIGH
On F5 BIG-IP 14.0.0, 13.0.0-13.1.0, 12.1.0-12.1.3, or 11.5.1-11.6.3 specifically crafted HTTP responses, when processed by a Virtual Server with an associated QoE profile that has Video enabled, may cause TMM to incorrectly buffer response data causing the TMM to restart resulting in a Denial of Service.
CVE-2018-15315 1 F5 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more 2018-12-04 4.3 MEDIUM 6.1 MEDIUM
On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a reflected Cross Site Scripting (XSS) vulnerability in an undisclosed Configuration Utility page.
CVE-2018-15312 1 F5 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more 2018-12-03 4.3 MEDIUM 6.1 MEDIUM
On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, a reflected Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an authenticated user to execute JavaScript for the currently logged-in user.
CVE-2018-5534 1 F5 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more 2018-09-18 5.0 MEDIUM 7.5 HIGH
Under certain conditions on F5 BIG-IP 13.1.0-13.1.0.5, 13.0.0, 12.1.0-12.1.3.1, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic.
CVE-2018-5533 1 F5 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more 2018-09-18 5.0 MEDIUM 7.5 HIGH
Under certain conditions on F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic.