f5
1,031 tracked vulnerabilities.
CVE-2021-23027
MEDIUM
BIG-IP <16.0.1.2, 15.1.3.1, 14.1.4.3 - XSS
Sep 14, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-23026
HIGH
BIG-IP 13.1.0-13.1.4 - Cross-Site Request Forgery via iControl SOAP
Sep 14, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-23030
HIGH
F5 Big-ip Advanced Web Application Firewall < 12.1.6 - Improper Input Validation
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23028
HIGH
F5 <16.0.1.2, 15.1.3.1, 14.1.4.2, 13.1.4 - DoS
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23025
HIGH
BIG-IP <15.1.0.5, <14.1.3.1, <13.1.3.5, <=11.6.x - Authenticated RCE
Sep 14, 2021
CVSS 8.8
EPSS 0.02
CVE-2021-23036
HIGH
F5 BIG-IP Advanced Web Application Firewall 16.0.0-16.0.1 - Denial of Service via ASM and DataSafe Profile Configuration
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23031
CRITICAL
F5 BIG-IP Advanced WAF/ASM Privilege Escalation (16.0.1.2/15.1.3/14.1.4.1/13.1.4/12.1.6/11.6.5.3)
Sep 14, 2021
CVSS 9.9
EPSS 0.02
CVE-2021-23039
HIGH
F5 BIG-IP 12.1.0-12.1.5, 13.1.x, 14.1.0-14.1.2.7, 15.1.0-15.1.2, 16.0.0-16.0.1.1 - Denial of Service via IPSec Request
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23038
CRITICAL
BIG-IP <16.0.1.2, 15.1.3.1, 14.1.4.2, 13.1.4.1, 12.1.x - XSS
Sep 14, 2021
CVSS 9.0
EPSS 0.01
CVE-2021-23037
CRITICAL
F5 BIG-IP 11.6.0-11.6.4 - Reflected Cross-Site Scripting in Configuration Utility
Sep 14, 2021
CVSS 9.6
EPSS 0.01
CVE-2021-23035
HIGH
F5 BIG-IP 14.1.0-14.1.4.3 - Denial of Service via Chunked HTTP Responses
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23034
HIGH
BIG-IP <16.1.0, 15.1.x <15.1.3.1 - DoS
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23033
HIGH
F5 Big-ip Advanced Web Application Firewall < 12.1.6 - Improper Input Validation
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23032
HIGH
F5 Big-ip Domain Name System < 12.1.6 - Improper Input Validation
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23045
HIGH
BIG-IP <16.0.1.2, 15.1.3.1, 14.1.4.3, 13.1.4.1, 12.1.x - DoS
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23044
HIGH
F5 Big-ip Access Policy Manager < 11.6.5 - Improper Input Validation
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23046
MEDIUM
Guided Configuration <8.0.0 - Info Disclosure
Sep 14, 2021
CVSS 4.9
EPSS 0.01
CVE-2021-23043
MEDIUM
BIG-IP 11.6.0-11.6.4 - Path Traversal in Configuration Utility
Sep 14, 2021
CVSS 6.5
EPSS 0.02
CVE-2021-23042
HIGH
BIG-IP 12.1.0-12.1.5 - Uncontrolled Resource Consumption via HTTP Profile
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23040
HIGH
BIG-IP AFM 12.1.0-12.1.5 - SQL Injection in Configuration Utility
Sep 14, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-23047
MEDIUM
F5 BIG-IP Access Policy Manager 11.6.1-11.6.4 - Uncontrolled Resource Consumption via OCSP AIA Verification
Sep 14, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-23041
MEDIUM
BIG-IP 12.1.x-16.0.x - DOM-Based Cross-Site Scripting in Configuration Utility
Sep 14, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-23053
MEDIUM
BIG-IP Advanced WAF/ASM <15.1.3, 14.1.3.1, 13.1.3.6 - Info Disclosure
Sep 14, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-23052
MEDIUM
BIG-IP <14.1.4.4, 13.1.x - Open Redirect
Sep 14, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-23051
HIGH
F5 BIG-IP 15.1.0.4-15.1.3 - Denial of Service via DPDK/ENA Driver Request Handling
Sep 14, 2021
CVSS 7.5
EPSS 0.01
Products
big-ip_access_policy_manager 628
big-ip_application_security_manager 581
big-ip_advanced_firewall_manager 552
big-ip_local_traffic_manager 541
big-ip_policy_enforcement_manager 533
big-ip_link_controller 525
big-ip_application_acceleration_manager 524
big-ip_analytics 511
big-ip_global_traffic_manager 490
big-ip_domain_name_system 469
big-ip_fraud_protection_service 405
big-ip_webaccelerator 297
big-ip_edge_gateway 293
big-ip_advanced_web_application_firewall 195
big-ip_websafe 175
big-ip_ddos_hybrid_defender 166
big-ip_ssl_orchestrator 147
big-ip_carrier-grade_nat 109
big-ip_application_visibility_and_reporting 108
big-ip_container_ingress_services 86
big-ip_automation_toolchain 85
big-iq_centralized_management 85
big-ip_protocol_security_module 61
BIG-IP 46
nginx 42
njs 40
enterprise_manager 39
big-ip_wan_optimization_manager 38
traffix_signaling_delivery_controller 31
ssl_orchestrator 27
Quick Filters