Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor F5 Subscribe
Filtered by product Nginx App Protect
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-23050 1 F5 3 Big-ip Advanced Web Application Firewall, Big-ip Application Security Manager, Nginx App Protect 2021-09-27 5.0 MEDIUM 7.5 HIGH
On BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before 16.0.1.2 and 15.1.x before 15.1.3 and NGINX App Protect on all versions before 3.5.0, when a cross-site request forgery (CSRF)-enabled policy is configured on a virtual server, an undisclosed HTML response may cause the bd process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.