f5

1,031 tracked vulnerabilities.

CVE-2021-23027 MEDIUM
BIG-IP <16.0.1.2, 15.1.3.1, 14.1.4.3 - XSS
Sep 14, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-23026 HIGH
BIG-IP 13.1.0-13.1.4 - Cross-Site Request Forgery via iControl SOAP
Sep 14, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-23030 HIGH
F5 Big-ip Advanced Web Application Firewall < 12.1.6 - Improper Input Validation
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23028 HIGH
F5 <16.0.1.2, 15.1.3.1, 14.1.4.2, 13.1.4 - DoS
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23025 HIGH
BIG-IP <15.1.0.5, <14.1.3.1, <13.1.3.5, <=11.6.x - Authenticated RCE
Sep 14, 2021
CVSS 8.8
EPSS 0.02
CVE-2021-23036 HIGH
F5 BIG-IP Advanced Web Application Firewall 16.0.0-16.0.1 - Denial of Service via ASM and DataSafe Profile Configuration
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23031 CRITICAL
F5 BIG-IP Advanced WAF/ASM Privilege Escalation (16.0.1.2/15.1.3/14.1.4.1/13.1.4/12.1.6/11.6.5.3)
Sep 14, 2021
CVSS 9.9
EPSS 0.02
CVE-2021-23039 HIGH
F5 BIG-IP 12.1.0-12.1.5, 13.1.x, 14.1.0-14.1.2.7, 15.1.0-15.1.2, 16.0.0-16.0.1.1 - Denial of Service via IPSec Request
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23038 CRITICAL
BIG-IP <16.0.1.2, 15.1.3.1, 14.1.4.2, 13.1.4.1, 12.1.x - XSS
Sep 14, 2021
CVSS 9.0
EPSS 0.01
CVE-2021-23037 CRITICAL
F5 BIG-IP 11.6.0-11.6.4 - Reflected Cross-Site Scripting in Configuration Utility
Sep 14, 2021
CVSS 9.6
EPSS 0.01
CVE-2021-23035 HIGH
F5 BIG-IP 14.1.0-14.1.4.3 - Denial of Service via Chunked HTTP Responses
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23034 HIGH
BIG-IP <16.1.0, 15.1.x <15.1.3.1 - DoS
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23033 HIGH
F5 Big-ip Advanced Web Application Firewall < 12.1.6 - Improper Input Validation
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23032 HIGH
F5 Big-ip Domain Name System < 12.1.6 - Improper Input Validation
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23045 HIGH
BIG-IP <16.0.1.2, 15.1.3.1, 14.1.4.3, 13.1.4.1, 12.1.x - DoS
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23044 HIGH
F5 Big-ip Access Policy Manager < 11.6.5 - Improper Input Validation
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23046 MEDIUM
Guided Configuration <8.0.0 - Info Disclosure
Sep 14, 2021
CVSS 4.9
EPSS 0.01
CVE-2021-23043 MEDIUM
BIG-IP 11.6.0-11.6.4 - Path Traversal in Configuration Utility
Sep 14, 2021
CVSS 6.5
EPSS 0.02
CVE-2021-23042 HIGH
BIG-IP 12.1.0-12.1.5 - Uncontrolled Resource Consumption via HTTP Profile
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-23040 HIGH
BIG-IP AFM 12.1.0-12.1.5 - SQL Injection in Configuration Utility
Sep 14, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-23047 MEDIUM
F5 BIG-IP Access Policy Manager 11.6.1-11.6.4 - Uncontrolled Resource Consumption via OCSP AIA Verification
Sep 14, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-23041 MEDIUM
BIG-IP 12.1.x-16.0.x - DOM-Based Cross-Site Scripting in Configuration Utility
Sep 14, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-23053 MEDIUM
BIG-IP Advanced WAF/ASM <15.1.3, 14.1.3.1, 13.1.3.6 - Info Disclosure
Sep 14, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-23052 MEDIUM
BIG-IP <14.1.4.4, 13.1.x - Open Redirect
Sep 14, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-23051 HIGH
F5 BIG-IP 15.1.0.4-15.1.3 - Denial of Service via DPDK/ENA Driver Request Handling
Sep 14, 2021
CVSS 7.5
EPSS 0.01