f5

1,031 tracked vulnerabilities.

CVE-2021-23002 MEDIUM
BIG-IP APM <16.0.1.1, <15.1.2.1, <14.1.4, <13.1.3.6, <=12.1.x, <=11...
Mar 31, 2021
CVSS 4.5
EPSS 0.00
CVE-2021-23001 MEDIUM
BIG-IP Advanced WAF and ASM 11.6.1-11.6.5.2 - Authenticated Unrestricted File Upload via iControl REST Endpoint
Mar 31, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-23000 HIGH
F5 BIG-IP 13.1.3.4-13.1.3.6 - Denial of Service via Malicious HTTP Request Sequence
Mar 31, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-22999 HIGH
F5 BIG-IP 14.1.0-14.1.3 - Denial of Service via HTTP/2 to HTTP/1.x Connection Handling
Mar 31, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-22998 MEDIUM
BIG-IP <16.0.1.1, 15.1.2.1, 14.1.4, 13.1.3.6, 12.1.5.3, 11.6.5.3 - DoS
Mar 31, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-22997 HIGH
F5 BIG-IQ Centralized Management 6.0.0-7.x - Unauthenticated ElasticSearch Transport Service Access
Mar 31, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-22996 HIGH
F5 BIG-IQ Centralized Management 7.x < 8.0.0 - Denial of Service via Corosync Process Abort
Mar 31, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-22994 MEDIUM
F5 BIG-IP 11.6.1-16.0.1.0 - Reflected XSS via iControl REST Undisclosed Endpoints
Mar 31, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-22993 HIGH
BIG-IP Advanced WAF/ASM 12.1.0-16.0.1.0 DOM-based XSS in DoS Profile Properties
Mar 31, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-22991 CRITICAL KEV
BIG-IP <16.0.1.1, <15.1.2.1, <14.1.4, <13.1.3.6, <12.1.5.3 - DoS/RCE
Mar 31, 2021
CVSS 9.8
EPSS 0.61
CVE-2021-22995 HIGH
F5 BIG-IQ Centralized Management 6.0.0-6.1.0 - Unauthenticated High Availability Failover via Corosync Daemon
Mar 31, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-22992 CRITICAL
F5 BIG-IP Buffer Overflow via Advanced WAF Login Page
Mar 31, 2021
CVSS 9.8
EPSS 0.73
CVE-2021-22990 HIGH
BIG-IP <16.0.1.1, 15.1.2.1, 14.1.4, 13.1.3.6, 12.1.5.3, 11.6.5.3 - ...
Mar 31, 2021
CVSS 7.2
EPSS 0.09
CVE-2021-22989 CRITICAL
BIG-IP <16.0.1.1, 15.1.2.1, 14.1.4, 13.1.3.6, 12.1.5.3, 11.6.5.3 - ...
Mar 31, 2021
CVSS 9.1
EPSS 0.09
CVE-2021-22987 CRITICAL
BIG-IP <16.0.1.1, 15.1.2.1, 14.1.4, 13.1.3.6, 12.1.5.3, 11.6.5.3 - ...
Mar 31, 2021
CVSS 9.9
EPSS 0.14
CVE-2021-22988 HIGH
BIG-IP <16.0.1.1, 15.1.2.1, 14.1.4, 13.1.3.6, 12.1.5.3, 11.6.5.3 - ...
Mar 31, 2021
CVSS 8.8
EPSS 0.10
CVE-2021-22986 CRITICAL KEVNUCLEI
F5 iControl REST Unauthenticated SSRF Token Generation RCE
Mar 31, 2021
CVSS 9.8
EPSS 1.00
CVE-2021-22984 MEDIUM
BIG-IP Advanced WAF/ASM Unauthenticated Open Redirect via Malicious URI
Feb 12, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-22978 HIGH
BIG-IP 11.6.1-11.6.4 - Reflected Cross-Site Scripting via iControl REST Undisclosed Endpoints
Feb 12, 2021
CVSS 8.3
EPSS 0.01
CVE-2021-22977 HIGH
F5 BIG-IP 14.1.0-14.1.3 - Denial of Service via Malicious HTTP Client and Server Cooperation
Feb 12, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-22985 HIGH
BIG-IP APM 16.0.x < 16.0.1.1 - Authenticated Denial of Service via VPN Traffic Processing
Feb 12, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-22983 MEDIUM
BIG-IP AFM <15.1.1, 14.1.x <14.1.3.1, 13.1.x <13.1.3.5 - XSS
Feb 12, 2021
CVSS 5.4
EPSS 0.00
CVE-2021-22982 HIGH
BIG-IP DNS/GTM <13.1.0.4/12.1.x/11.6.x - Buffer Overflow
Feb 12, 2021
CVSS 7.2
EPSS 0.01
CVE-2021-22981 MEDIUM
BIG-IP <12.1.x,11.6.x - Info Disclosure
Feb 12, 2021
CVSS 4.8
EPSS 0.01
CVE-2021-22980 HIGH
Edge Client <7.2.1.1, 7.1.9.x-7.1.9.8, 7.1.x-7.1.8.5 - DLL Hijacking
Feb 12, 2021
CVSS 7.8
EPSS 0.00