CVE-2021-23051

On BIG-IP versions 15.1.0.4 through 15.1.3, when the Data Plane Development Kit DPDK/Elastic Network Adapter ENA driver is used with BIG-IP on Amazon Web Services AWS systems, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. This is due to an incomplete fix for...

F5 Networks BIG-IP : BIG-IP VE network interface vulnerability (K75111593)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.5 / 14.1.2.7 / 15.1.0.4 / 16.0.1. It is, therefore, affected by a vulnerability as referenced in the K75111593 advisory. - In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.3, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, and...

Cross site request forgery (csrf)

In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, BIG-IP ASM Configuration utility CSRF protection token can be reused multiple times...

Cross site scripting

In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, and 14.1.0-14.1.2.6, BIG-IP ASM Configuration utility Stored-Cross Site Scripting...

Design/Logic Flaw

In BIG-IP versions 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1 and BIG-IQ versions 5.4.0-7.0.0, Self-IP port-lockdown bypass via IPv6 link-local addresses...

CVE-2020-5927

In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, and 14.1.0-14.1.2.6, BIG-IP ASM Configuration utility Stored-Cross Site Scripting...