f5
1,031 tracked vulnerabilities.
CVE-2020-5904
HIGH
BIG-IP 12.1.0-12.1.5.1 - Cross-Site Request Forgery in TMUI
Jul 01, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-5903
MEDIUM
F5 BIG-IP 12.1.0-12.1.5.1 - Cross-Site Scripting in Configuration Utility
Jul 01, 2020
CVSS 6.1
EPSS 0.02
CVE-2020-5902
CRITICAL
KEVNUCLEI
BIG-IP 11.6.1-11.6.5.1 - Remote Code Execution via TMUI Undisclosed Pages
Jul 01, 2020
CVSS 9.8
EPSS 1.00
CVE-2020-5901
CRITICAL
F5 NGINX Controller 3.3.0-3.4.0 - Reflected Cross-Site Scripting via Undisclosed API Endpoints
Jul 01, 2020
CVSS 9.6
EPSS 0.01
CVE-2020-5899
HIGH
NGINX Controller 3.0.0-3.4.0 - Info Disclosure
Jul 01, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-5900
HIGH
NGINX Controller <3.4.0, <2.9.0, <1.0.1 - CSRF
Jul 01, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-5898
MEDIUM
BIG-IP Edge Client <7.1.10 - Local Privilege Escalation
May 12, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-5897
HIGH
BIG-IP Edge Client <7.1.10 - Use After Free
May 12, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-5896
HIGH
BIG-IP Edge Client <7.1.10 - Info Disclosure
May 12, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-5895
HIGH
NGINX Controller <3.3.0 - Memory Corruption
May 07, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-5894
HIGH
NGINX Controller <3.3.0 - Info Disclosure
May 07, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-5892
MEDIUM
F5 BIG-IP APM, Edge Gateway, and FirePass Legacy - Session ID Exposure in Process Memory
Apr 30, 2020
CVSS 6.7
EPSS 0.00
CVE-2020-5890
MEDIUM
BIG-IP 12.1.0-15.0.1 & BIG-IQ 5.2.0-7.1.0 - LDAP Credential Exposure via QKView Obfuscation Bypass
Apr 30, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-5888
HIGH
BIG-IP VE <15.1.0.1 - Privilege Escalation
Apr 30, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-5893
LOW
BIG-IP Edge Client <7.1.9 - Info Disclosure
Apr 30, 2020
CVSS 3.7
EPSS 0.01
CVE-2020-5891
HIGH
F5 BIG-IP 14.1.0-14.1.2.3, 15.0.0-15.0.1.2, 15.1.0-15.1.0.1 - Denial of Service via HTTP/2 Requests to Fallback Host
Apr 30, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-5889
MEDIUM
BIG-IP APM 14.1.0-14.1.2.3, 15.0.0-15.0.1.2, 15.1.0-15.1.0.1 - Reflected XSS via HTTP Response Rewriting
Apr 30, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-5887
CRITICAL
BIG-IP VE <15.1.0.1 - Privilege Escalation
Apr 30, 2020
CVSS 9.1
EPSS 0.02
CVE-2020-5886
CRITICAL
F5 BIG-IP 12.1.0-15.1.0.1 Cleartext Transmission of Sensitive Cryptographic Objects via Connection Mirroring
Apr 30, 2020
CVSS 9.1
EPSS 0.01
CVE-2020-5885
CRITICAL
F5 BIG-IP 12.1.0-15.1.0.1 Cleartext Transmission of Sensitive Cryptographic Objects
Apr 30, 2020
CVSS 9.1
EPSS 0.01
CVE-2020-5884
CRITICAL
F5 BIG-IP 11.6.1-15.1.0.3 Insecure High Availability Pair Mirroring
Apr 30, 2020
CVSS 9.1
EPSS 0.01
CVE-2020-5883
HIGH
BIG-IP 13.1.0-13.1.3.1, 14.0.0-14.0.1, 14.1.0-14.1.2.3, 15.0.0-15.0.1 Memory Leak via HTTP Explicit Proxy
Apr 30, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-5882
HIGH
BIG-IP <15.0.1.3, 14.1.2.3, 13.1.3.3, 12.1.5, 11.6.5.1 - Info Discl...
Apr 30, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-5881
HIGH
F5 BIG-IP Virtual Edition 13.1.0-13.1.3.3, 14.1.0-14.1.2.3, 15.0.0-15.1.0.1 DoS via NDAL Interface
Apr 30, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-5880
HIGH
Om BIG-IP <15.0.1.3-14.1.2.3 - File Upload
Apr 30, 2020
CVSS 7.1
EPSS 0.01
Products
big-ip_access_policy_manager 628
big-ip_application_security_manager 581
big-ip_advanced_firewall_manager 552
big-ip_local_traffic_manager 541
big-ip_policy_enforcement_manager 533
big-ip_link_controller 525
big-ip_application_acceleration_manager 524
big-ip_analytics 511
big-ip_global_traffic_manager 490
big-ip_domain_name_system 469
big-ip_fraud_protection_service 405
big-ip_webaccelerator 297
big-ip_edge_gateway 293
big-ip_advanced_web_application_firewall 195
big-ip_websafe 175
big-ip_ddos_hybrid_defender 166
big-ip_ssl_orchestrator 147
big-ip_carrier-grade_nat 109
big-ip_application_visibility_and_reporting 108
big-ip_container_ingress_services 86
big-ip_automation_toolchain 85
big-iq_centralized_management 85
big-ip_protocol_security_module 61
BIG-IP 46
nginx 42
njs 40
enterprise_manager 39
big-ip_wan_optimization_manager 38
traffix_signaling_delivery_controller 31
ssl_orchestrator 27
Quick Filters