f5

1,024 tracked vulnerabilities.

CVE-2020-27729 MEDIUM
F5 BIG-IP Access Policy Manager 11.6.1-11.6.5 - Open Redirect via Undisclosed Link
Dec 24, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-27728 HIGH
BIG-IP ASM & Advanced WAF <16.0.0.1 - Info Disclosure
Dec 24, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-27727 MEDIUM
BIG-IP 13.1.0-13.1.3.4, 14.1.0-14.1.3, 15.1.0-15.1.0.5, 16.0.0-16.0.0.1 - Authenticated Arbitrary File Read
Dec 24, 2020
CVSS 4.9
EPSS 0.00
CVE-2020-27726 MEDIUM
F5 Big-ip Access Policy Manager < 12.1.5 - XSS
Dec 24, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-27723 HIGH
BIG-IP APM <14.1.3, <13.1.3.4 - DoS
Dec 24, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-27722 MEDIUM
BIG-IP APM 13.1.0-13.1.3.4, 14.1.0-14.1.3, 15.0.0-15.0.1.3 - Uncontrolled Resource Consumption in VDI Plugin
Dec 24, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-27720 HIGH
F5 BIG-IP LTM/CGNAT 13.1.0-13.1.3.5, 14.1.0-14.1.3, 15.1.0-15.1.0.5, 16.0.0-16.0.0.1 - DoS via NAT66 Traffic
Dec 24, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-27719 MEDIUM
F5 BIG-IP 14.1.0-14.1.3 - Cross-Site Scripting in Configuration Utility
Dec 24, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-27717 HIGH
BIG-IP DNS 12.1.0-12.1.5.2, 13.1.0-13.1.3.4, 14.1.0-14.1.3, 15.1.0-15.1.0.5, 16.0.0-16.0.0.1 DoS via DNS Requests
Dec 24, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-27716 HIGH
F5 BIG-IP Access Policy Manager 11.6.1-11.6.5 - Denial of Service in TMM
Dec 24, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-27715 HIGH
F5 BIG-IP 14.1.0-14.1.3 and 15.1.0-15.1.0.5 - Denial of Service via Crafted TLS Request
Dec 24, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-27714 HIGH
BIG-IP AFM <15.1.0.5-13.1.3.5 - DoS
Dec 24, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-27725 MEDIUM
BIG-IP DNS Memory Leak in Zone Listing
Dec 24, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-27724 MEDIUM
BIG-IP APM 11.6.1-11.6.5 - Authenticated Uncontrolled Resource Consumption via VPN Tunnel Traffic
Dec 24, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-27721 HIGH
F5 BIG-IP DNS and BIG-IP LTM GSLB - Denial of Service in DNS Response Handling
Dec 24, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-27718 HIGH
F5 BIG-IP ASM/Advanced WAF DoS via JSON Payload Parameter Processing
Dec 24, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-27730 CRITICAL
F5 NGINX Controller 1.0.1 2.0.0-2.9.0 3.0.0-3.9.0 - Path Traversal via Relative Paths in System Utility Calls
Dec 11, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-5950 MEDIUM
BIG-IP 14.1.0-14.1.2.6 - Reflected Cross-Site Scripting in iControl REST Undisclosed Endpoints
Dec 11, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-5949 HIGH
F5 BIG-IP 13.1.0-13.1.3.4 14.0.0-14.0.1 - Denial of Service via FTP Profile Traffic Pattern
Dec 11, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-5948 CRITICAL
F5 BIG-IP 13.1.0-13.1.3.4 14.1.0-14.1.2.7 15.1.0-15.1.0.5 16.0.0-16.0.0.1 - Reflected XSS via iControl REST
Dec 11, 2020
CVSS 9.6
EPSS 0.01
CVE-2020-27713 HIGH
BIG-IP Advanced Firewall Manager 13.1.3.4 - Memory Leak in Traffic Management Microkernel
Dec 11, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-5947 MEDIUM
BIG-IP 15.1.0-15.1.1 and 16.0.0-16.0.0.1 - TCP Sequence Number Exposure
Nov 19, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-5946 HIGH
BIG-IP Advanced WAF and FPS <16.0.0.1 - DoS
Nov 05, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-5945 HIGH
F5 BIG-IP 14.1.0-14.1.2.7, 15.1.0-15.1.0.5, 16.0.0-16.0.0.1 - Stored Cross-Site Scripting in TMUI Page
Nov 05, 2020
CVSS 8.4
EPSS 0.00
CVE-2020-5944 MEDIUM
BIG-IQ Centralized Management 7.1.0 - Denial of Service via DoS Summary and DNS Overview Pages
Nov 05, 2020
CVSS 4.3
EPSS 0.00
Products
big-ip_access_policy_manager 589 big-ip_application_security_manager 541 big-ip_advanced_firewall_manager 514 big-ip_local_traffic_manager 503 big-ip_policy_enforcement_manager 495 big-ip_link_controller 487 big-ip_application_acceleration_manager 486 big-ip_analytics 473 big-ip_global_traffic_manager 452 big-ip_domain_name_system 429 big-ip_fraud_protection_service 367 big-ip_webaccelerator 259 big-ip_edge_gateway 255 big-ip_advanced_web_application_firewall 155 big-ip_websafe 137 big-ip_ddos_hybrid_defender 127 big-ip_ssl_orchestrator 108 big-iq_centralized_management 77 big-ip_carrier-grade_nat 71 big-ip_application_visibility_and_reporting 70 big-ip_protocol_security_module 61 big-ip_container_ingress_services 48 big-ip_automation_toolchain 47 BIG-IP 46 nginx 41 enterprise_manager 39 njs 39 big-ip_wan_optimization_manager 38 traffix_signaling_delivery_controller 31 ssl_orchestrator 27
Quick Filters
Critical CVEs With Exploits In CISA KEV