Latest f5 big-ip domain name system Vulnerabilities

CVE-2023-46748
BIG-IP Configuration utility authenticated SQL injection vulnerability
F5 BIG-IP Configuration Utility
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<=15.1.10
F5 BIG-IP Access Policy Manager>=16.1.0<=16.1.4
F5 BIG-IP Access Policy Manager>=17.1.0<=17.1.1
and 95 more
CVE-2023-46747
BIG-IP Configuration utility unauthenticated remote code execution vulnerability
F5 BIG-IP Configuration Utility
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<=15.1.10
F5 BIG-IP Access Policy Manager>=16.1.0<=16.1.4
F5 BIG-IP Access Policy Manager>=17.1.0<=17.1.1
and 95 more
CVE-2023-45219
Exposure of Sensitive Information vulnerability exist in an undisclosed BIG-IP TMOS shell (tmsh) command which may allow an authenticated attacker with resource administrator role privileges to view ...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.5
and 70 more
CVE-2023-41253
When on BIG-IP DNS or BIG-IP LTM enabled with DNS Services License, and a TSIG key is created, it is logged in plaintext in the audit log.  Note: Software versions which have reached End of Technical...
F5 Big-ip Domain Name System>=13.1.0<=14.1.5
F5 Big-ip Domain Name System>=15.1.0<15.1.9
F5 Big-ip Domain Name System>=16.1.0<16.1.4
F5 Big-ip Local Traffic Manager>=13.1.0<=14.1.5
F5 Big-ip Local Traffic Manager>=15.1.0<15.1.9
F5 Big-ip Local Traffic Manager>=16.1.0<16.1.4
CVE-2023-41964
The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB) variables.  Note: Software versions which have reached End of Technical Support (EoTS) are not evalua...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.5
and 71 more
CVE-2023-41085
When IPSec is configured on a Virtual Server, undisclosed traffic can cause TMM to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.5
and 70 more
CVE-2023-43611
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process.  This vulnerability is due to an incomplete fix for CVE-2023-38418. ...
F5 BIG-IP Access Policy Manager>=7.2.3<7.2.4.4
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 72 more
CVE-2023-41373
A directory traversal vulnerability exists in the BIG-IP Configuration Utility that may allow an authenticated attacker to execute commands on the BIG-IP system. For BIG-IP system running in Applianc...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.6
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.10.2
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4.1
F5 BIG-IP Access Policy Manager>=17.1.0<17.1.0.3
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 84 more
CVE-2023-42768
When a non-admin user has been assigned an administrator role via an iControl REST PUT request and later the user's role is reverted back to a non-admin role via the Configuration utility, tmsh, or i...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.5
and 70 more
CVE-2023-43485
When TACACS+ audit forwarding is configured on BIG-IP or BIG-IQ system, sharedsecret is logged in plaintext in the audit log.  Note: Software versions which have reached End of Technical Support (EoT...
F5 BIG-IQ Centralized Management>=8.0.0<8.2.0.1.0.13.97-eng
F5 BIG-IQ Centralized Management>=8.3.0<8.3.0.0.12.118-eng
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
and 68 more
CVE-2023-43746
When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system.  A succe...
F5 BIG-IP Access Policy Manager>=13.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=14.1.5
F5 BIG-IP Advanced Firewall Manager>=15.1.0<15.1.9
F5 BIG-IP Advanced Firewall Manager>=16.1.0<16.1.4
and 9 more
CVE-2023-40537
An authenticated user's session cookie may remain valid for a limited time after logging out from the BIG-IP Configuration utility on a multi-blade VIPRION platform.  Note: Software versions which h...
F5 BIG-IP Access Policy Manager>=13.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=14.1.5
F5 BIG-IP Advanced Firewall Manager>=15.1.0<15.1.9
F5 BIG-IP Advanced Firewall Manager>=16.1.0<16.1.4
and 48 more
CVE-2023-40534
When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, and an iRule using the HTTP_REQUEST event or Local Traffic Policy are associated with the virtual ser...
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4.1
F5 BIG-IP Access Policy Manager=17.1.0
F5 BIG-IP Advanced Firewall Manager>=16.1.0<16.1.4.1
F5 BIG-IP Advanced Firewall Manager=17.1.0
F5 Big-ip Advanced Web Application Firewall>=16.1.0<16.1.4.1
F5 Big-ip Advanced Web Application Firewall=17.1.0
and 33 more
CVE-2023-40542
When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization.  Note: Software versions which ...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.5
and 70 more
CVE-2023-44487
FortiOS & FortiProxy - CVE-2023-44487 - Rapid Reset HTTP/2 vulnerability
Microsoft Windows 11=21H2
Microsoft Windows 11=21H2
Microsoft Windows Server 2022
Microsoft Windows Server 2022
Microsoft Windows 11=22H2
Microsoft Windows 11=22H2
and 553 more
CVE-2023-3470
Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account.  The predictable nature of the password allows an authenticated user with...
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.4
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.4
F5 BIG-IP Access Policy Manager=15.1.0
F5 BIG-IP Advanced Firewall Manager>=13.1.0<13.1.4
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.4
F5 BIG-IP Advanced Firewall Manager=15.1.0
and 73 more
CVE-2023-38138
A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility which allows an attacker to run JavaScript in the context of the currently logge...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.5
F5 BIG-IP Access Policy Manager>=17.0.0<17.1.0.2
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 89 more
CVE-2023-38423
A cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. ...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.5
F5 BIG-IP Access Policy Manager>=17.0.0<17.1.0.2
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 89 more
CVE-2023-38419
An authenticated attacker with guest privileges or higher can cause the iControl SOAP process to terminate by sending undisclosed requests.  Note: Software versions which have reached End of Technical...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.5
F5 BIG-IP Access Policy Manager>=17.0.0<17.1.0.2
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 90 more
CVE-2023-28742
When DNS is provisioned, an authenticated remote command execution vulnerability exists in DNS iQuery mesh. Note: Software versions which have reached End of Technical Support (EoTS) are not eva...
F5 Big-ip Domain Name System>=13.1.0<=13.1.5
F5 Big-ip Domain Name System>=14.1.0<14.1.5.4
F5 Big-ip Domain Name System>=15.1.0<15.1.8.2
F5 Big-ip Domain Name System>=16.1.0<16.1.3.4
F5 Big-ip Domain Name System>=17.0.0<17.1.0.1
CVE-2023-27378
Multiple reflected cross-site scripting (XSS) vulnerabilities exist in undisclosed pages of the BIG-IP Configuration utility which allow an attacker to run JavaScript in the context of the currently ...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.4
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.8.2
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.4
F5 BIG-IP Access Policy Manager>=17.0.0<17.1.0.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 89 more
CVE-2023-29163
When UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual server, undisclosed traffic can cause TMM to terminate.  Note: Software versions which have reached End o...
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.4
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.8.2
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.4
F5 BIG-IP Access Policy Manager=17.0.0
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.5.4
F5 BIG-IP Advanced Firewall Manager>=15.1.0<15.1.8.2
and 70 more
CVE-2023-28406
A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility which may allow an authenticated attacker to read files with .xml extension. Access to restricted ...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.4
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.8.2
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.4
F5 BIG-IP Access Policy Manager>=17.0.0<17.1.0.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 89 more
CVE-2023-24594
When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization.   Note: Software versions which have reached End of T...
F5 BIG-IP Access Policy Manager=14.1.5
F5 BIG-IP Access Policy Manager=15.1.4.1
F5 BIG-IP Access Policy Manager=16.1.2
F5 BIG-IP Advanced Firewall Manager=14.1.5
F5 BIG-IP Advanced Firewall Manager=15.1.4.1
F5 BIG-IP Advanced Firewall Manager=16.1.2
and 52 more
CVE-2023-22422
On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, when a HTTP profile with the non-default Enforcement options of Enforce HTTP Compliance and Unknown Methods: Reject are configured...
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.3
F5 BIG-IP Access Policy Manager>=17.0.0<17.0.0.2
F5 BIG-IP Advanced Firewall Manager>=16.1.0<16.1.3.3
F5 BIG-IP Advanced Firewall Manager>=17.0.0<17.0.0.2
F5 BIG-IP Analytics>=16.1.0<16.1.3.3
F5 BIG-IP Analytics>=17.0.0<17.0.0.2
and 18 more
CVE-2023-22374
A format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a ...
F5 BIG-IP Access Policy Manager>=14.1.4.6<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.5.1<=15.1.8
F5 BIG-IP Access Policy Manager>=16.1.2.2<=16.1.3
F5 BIG-IP Access Policy Manager=13.1.5
F5 BIG-IP Access Policy Manager=17.0.0
F5 BIG-IP Advanced Firewall Manager>=14.1.4.6<=14.1.5
and 50 more
CVE-2023-22340
On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclo...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.3
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.8
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.3
F5 BIG-IP Access Policy Manager>=17.0.0<17.0.0.2
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 50 more
CVE-2023-23555
On BIG-IP Virtual Edition versions 15.1x beginning in 15.1.4 to before 15.1.8 and 14.1.x beginning in 14.1.5 to before 14.1.5.3, and BIG-IP SPK beginning in 1.5.0 to before 1.6.0, when FastL4 profile ...
F5 BIG-IP Access Policy Manager>=14.1.5<14.1.5.3
F5 BIG-IP Access Policy Manager>=15.1.4<15.1.8
F5 BIG-IP Advanced Firewall Manager>=14.1.5<14.1.5.3
F5 BIG-IP Advanced Firewall Manager>=15.1.0<15.1.8
F5 BIG-IP Analytics>=14.1.5<14.1.5.3
F5 BIG-IP Analytics>=15.1.4<15.1.8
and 19 more
CVE-2023-22842
On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisc...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.3
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.8.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.3
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.5.3
and 42 more
CVE-2023-22302
In BIG-IP versions 17.0.x before 17.0.0.2, and 16.1.x beginning in 16.1.2.2 to before 16.1.3.3, when an HTTP profile is configured on a virtual server and conditions beyond the attacker’s control exis...
F5 BIG-IP Access Policy Manager>=16.1.2.2<16.1.3.3
F5 BIG-IP Access Policy Manager>=17.0.0<17.0.0.2
F5 BIG-IP Advanced Firewall Manager>=16.1.2.2<16.1.3.3
F5 BIG-IP Advanced Firewall Manager>=17.0.0<17.0.0.2
F5 BIG-IP Analytics>=16.1.2.2<16.1.3.3
F5 BIG-IP Analytics>=17.0.0<17.0.0.2
and 18 more
CVE-2023-22323
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.3
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.8.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.3
F5 BIG-IP Access Policy Manager>=17.0.0<17.0.0.2
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 50 more
CVE-2023-22326
In BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, and all versions of BIG-IQ 8.x and 7.1.x, incorrect permi...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.3
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.8.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.3
F5 BIG-IP Access Policy Manager>=17.0.0<17.0.0.2
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 50 more
CVE-2022-41622
In all versions, BIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: Software versions which have reached End of Technical Support (EoTS) are not...
F5 BIG-IQ Centralized Management>=8.0.0<=8.2.0
F5 BIG-IQ Centralized Management=7.1.0
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.5
F5 BIG-IP Advanced Firewall Manager>=15.1.0<=15.1.8
F5 BIG-IP Advanced Firewall Manager>=16.1.0<=16.1.3
and 51 more
CVE-2022-41833
In all BIG-IP 13.1.x versions, when an iRule containing the HTTP::collect command is configured on a virtual server, undisclosed requests can cause Traffic Management Microkernel (TMM) to terminate.
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Analytics>=13.1.0<=13.1.5
F5 Big-ip Application Acceleration Manager>=13.1.0<=13.1.5
F5 BIG-IP Application Security Manager>=13.1.0<=13.1.5
F5 Big-ip Domain Name System>=13.1.0<=13.1.5
and 5 more
CVE-2022-41787
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when DNS profile is configured on a virtual server with D...
F5 Big-ip Domain Name System>=13.1.0<13.1.5.1
F5 Big-ip Domain Name System>=14.1.0<14.1.5.1
F5 Big-ip Domain Name System>=15.1.0<15.1.6.1
F5 Big-ip Domain Name System>=16.1.0<16.1.3.1
F5 Big-ip Domain Name System>=17.0.0<17.0.0.1
F5 Big-ip Local Traffic Manager>=13.1.0<13.1.5.1
and 4 more
CVE-2022-41983
On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, while Intel QAT (QuickAssist Technology) and the AE...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.1
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.7
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.5.1
and 70 more
CVE-2022-41832
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when a SIP profile is configured on a virtual server, und...
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.5.1
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.1
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.6.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.1
F5 BIG-IP Access Policy Manager>=17.0.0<17.0.0.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<13.1.5.1
and 49 more
CVE-2022-41624
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.2, 15.1.x before 15.1.7, 14.1.x before 14.1.5.2, and 13.1.x before 13.1.5.1, when a sideband iRule is configured on a virtual server, un...
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.5.1
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.2
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.7
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.2
F5 BIG-IP Access Policy Manager>=17.0.0<17.0.0.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<13.1.5.1
and 49 more
CVE-2022-41770
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ all versions of 8.x and 7.x, an authenticated iC...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.1
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.7
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.1
F5 BIG-IP Access Policy Manager>=17.0.0<17.0.0.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 51 more
CVE-2022-41694
In BIG-IP versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, and BIG-IQ versions 8.x before 8.2.0.1 and all versions of 7.x, when an SSL key is im...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.6.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.5
and 38 more
CVE-2022-36795
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, and 14.1.x before 14.1.5.1, when an LTM TCP profile with Auto Receive Window Enabled is configured on a virtual...
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.1
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.7
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.1
F5 BIG-IP Access Policy Manager>=17.0.0<17.0.0.1
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.5.1
F5 BIG-IP Advanced Firewall Manager>=15.1.0<15.1.7
and 38 more
CVE-2022-35272
In BIG-IP Versions 17.0.x before 17.0.0.1 and 16.1.x before 16.1.3.1, when source-port preserve-strict is configured on an HTTP Message Routing Framework (MRF) virtual server, undisclosed traffic may ...
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.1
F5 BIG-IP Access Policy Manager=17.0.0
F5 BIG-IP Advanced Firewall Manager>=16.1.0<16.1.3.1
F5 BIG-IP Advanced Firewall Manager=17.0.0
F5 BIG-IP Analytics>=16.1.0<16.1.3.1
F5 BIG-IP Analytics=17.0.0
and 16 more
CVE-2022-35243
In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.5.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when running in Appliance mode, an authenticated user assigned the Administrator role...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.6.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.5
and 38 more
CVE-2022-34862
In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when an LTM virtual server is configured to perform normalization, undisclosed requ...
F5 Big-ip Access Policy Manager>=13.1.0<=13.1.5
F5 Big-ip Access Policy Manager>=14.1.0<14.1.5
F5 Big-ip Access Policy Manager>=15.1.0<15.1.6.1
F5 Big-ip Access Policy Manager>=16.1.0<16.1.3.1
F5 Big-ip Advanced Firewall Manager>=13.1.0<=13.1.5
F5 Big-ip Advanced Firewall Manager>=14.1.0<14.1.5
and 38 more
CVE-2022-34865
In BIG-IP Versions 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, Traffic Intelligence feeds, which use HTTPS, do not verify the remote endpoint identity, allowing for poten...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.6.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.5
F5 BIG-IP Advanced Firewall Manager>=15.1.0<15.1.6.1
and 27 more
CVE-2022-34655
In BIG-IP Versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when an iRule containing the HTTP::payload command is configured on a virtual server, undisclosed traffic c...
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.6.1
F5 BIG-IP Access Policy Manager>=16.0.0<16.0.1.1
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.5
F5 BIG-IP Advanced Firewall Manager>=15.1.0<15.1.6.1
F5 BIG-IP Advanced Firewall Manager>=16.0.0<16.0.1.1
and 27 more
CVE-2022-35236
In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when an HTTP2 profile is configured on a virtual server, undisclosed traffic can cause an increase in memor...
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.6.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.2.2
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.5
F5 BIG-IP Advanced Firewall Manager>=15.1.0<15.1.6.1
F5 BIG-IP Advanced Firewall Manager>=16.1.0<16.1.2.2
and 27 more
CVE-2022-35240
In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when the Message Routing (MR) Message Queuing Telemetry Transport (MQTT) profile is configured on a virtual...
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.6.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.2.2
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.5
F5 BIG-IP Advanced Firewall Manager>=15.1.0<15.1.6.1
F5 BIG-IP Advanced Firewall Manager>=16.1.0<16.1.2.2
and 27 more
CVE-2022-34851
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ Centralized Management all versions of 8.x, an...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.1
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.6.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.1
F5 BIG-IP Access Policy Manager=17.0.0
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 50 more
CVE-2022-35728
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ version 8.x before 8.2.0 and all versions of 7...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.1
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.6.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.1
F5 BIG-IP Access Policy Manager=17.0.0
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 53 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203