f5
1,031 tracked vulnerabilities.
CVE-2021-23002
MEDIUM
BIG-IP APM <16.0.1.1, <15.1.2.1, <14.1.4, <13.1.3.6, <=12.1.x, <=11...
Mar 31, 2021
CVSS 4.5
EPSS 0.00
CVE-2021-23001
MEDIUM
BIG-IP Advanced WAF and ASM 11.6.1-11.6.5.2 - Authenticated Unrestricted File Upload via iControl REST Endpoint
Mar 31, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-23000
HIGH
F5 BIG-IP 13.1.3.4-13.1.3.6 - Denial of Service via Malicious HTTP Request Sequence
Mar 31, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-22999
HIGH
F5 BIG-IP 14.1.0-14.1.3 - Denial of Service via HTTP/2 to HTTP/1.x Connection Handling
Mar 31, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-22998
MEDIUM
BIG-IP <16.0.1.1, 15.1.2.1, 14.1.4, 13.1.3.6, 12.1.5.3, 11.6.5.3 - DoS
Mar 31, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-22997
HIGH
F5 BIG-IQ Centralized Management 6.0.0-7.x - Unauthenticated ElasticSearch Transport Service Access
Mar 31, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-22996
HIGH
F5 BIG-IQ Centralized Management 7.x < 8.0.0 - Denial of Service via Corosync Process Abort
Mar 31, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-22994
MEDIUM
F5 BIG-IP 11.6.1-16.0.1.0 - Reflected XSS via iControl REST Undisclosed Endpoints
Mar 31, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-22993
HIGH
BIG-IP Advanced WAF/ASM 12.1.0-16.0.1.0 DOM-based XSS in DoS Profile Properties
Mar 31, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-22991
CRITICAL
KEV
BIG-IP <16.0.1.1, <15.1.2.1, <14.1.4, <13.1.3.6, <12.1.5.3 - DoS/RCE
Mar 31, 2021
CVSS 9.8
EPSS 0.61
CVE-2021-22995
HIGH
F5 BIG-IQ Centralized Management 6.0.0-6.1.0 - Unauthenticated High Availability Failover via Corosync Daemon
Mar 31, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-22992
CRITICAL
F5 BIG-IP Buffer Overflow via Advanced WAF Login Page
Mar 31, 2021
CVSS 9.8
EPSS 0.73
CVE-2021-22990
HIGH
BIG-IP <16.0.1.1, 15.1.2.1, 14.1.4, 13.1.3.6, 12.1.5.3, 11.6.5.3 - ...
Mar 31, 2021
CVSS 7.2
EPSS 0.09
CVE-2021-22989
CRITICAL
BIG-IP <16.0.1.1, 15.1.2.1, 14.1.4, 13.1.3.6, 12.1.5.3, 11.6.5.3 - ...
Mar 31, 2021
CVSS 9.1
EPSS 0.09
CVE-2021-22987
CRITICAL
BIG-IP <16.0.1.1, 15.1.2.1, 14.1.4, 13.1.3.6, 12.1.5.3, 11.6.5.3 - ...
Mar 31, 2021
CVSS 9.9
EPSS 0.14
CVE-2021-22988
HIGH
BIG-IP <16.0.1.1, 15.1.2.1, 14.1.4, 13.1.3.6, 12.1.5.3, 11.6.5.3 - ...
Mar 31, 2021
CVSS 8.8
EPSS 0.10
CVE-2021-22986
CRITICAL
KEVNUCLEI
F5 iControl REST Unauthenticated SSRF Token Generation RCE
Mar 31, 2021
CVSS 9.8
EPSS 1.00
CVE-2021-22984
MEDIUM
BIG-IP Advanced WAF/ASM Unauthenticated Open Redirect via Malicious URI
Feb 12, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-22978
HIGH
BIG-IP 11.6.1-11.6.4 - Reflected Cross-Site Scripting via iControl REST Undisclosed Endpoints
Feb 12, 2021
CVSS 8.3
EPSS 0.01
CVE-2021-22977
HIGH
F5 BIG-IP 14.1.0-14.1.3 - Denial of Service via Malicious HTTP Client and Server Cooperation
Feb 12, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-22985
HIGH
BIG-IP APM 16.0.x < 16.0.1.1 - Authenticated Denial of Service via VPN Traffic Processing
Feb 12, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-22983
MEDIUM
BIG-IP AFM <15.1.1, 14.1.x <14.1.3.1, 13.1.x <13.1.3.5 - XSS
Feb 12, 2021
CVSS 5.4
EPSS 0.00
CVE-2021-22982
HIGH
BIG-IP DNS/GTM <13.1.0.4/12.1.x/11.6.x - Buffer Overflow
Feb 12, 2021
CVSS 7.2
EPSS 0.01
CVE-2021-22981
MEDIUM
BIG-IP <12.1.x,11.6.x - Info Disclosure
Feb 12, 2021
CVSS 4.8
EPSS 0.01
CVE-2021-22980
HIGH
Edge Client <7.2.1.1, 7.1.9.x-7.1.9.8, 7.1.x-7.1.8.5 - DLL Hijacking
Feb 12, 2021
CVSS 7.8
EPSS 0.00
Products
big-ip_access_policy_manager 628
big-ip_application_security_manager 581
big-ip_advanced_firewall_manager 552
big-ip_local_traffic_manager 541
big-ip_policy_enforcement_manager 533
big-ip_link_controller 525
big-ip_application_acceleration_manager 524
big-ip_analytics 511
big-ip_global_traffic_manager 490
big-ip_domain_name_system 469
big-ip_fraud_protection_service 405
big-ip_webaccelerator 297
big-ip_edge_gateway 293
big-ip_advanced_web_application_firewall 195
big-ip_websafe 175
big-ip_ddos_hybrid_defender 166
big-ip_ssl_orchestrator 147
big-ip_carrier-grade_nat 109
big-ip_application_visibility_and_reporting 108
big-ip_container_ingress_services 86
big-ip_automation_toolchain 85
big-iq_centralized_management 85
big-ip_protocol_security_module 61
BIG-IP 46
nginx 42
njs 40
enterprise_manager 39
big-ip_wan_optimization_manager 38
traffix_signaling_delivery_controller 31
ssl_orchestrator 27
Quick Filters