Lucene search
+L

14 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.11 views

CVE-2026-41217

A vulnerability exists in an undisclosed BIG-IP TMOS Shell tmsh command that may allow an authenticated attacker with resource administrator or administrator role to execute arbitrary system commands with higher privileges. In Appliance mode deployments, a successful exploit can allow the attacke...

8.3CVSS5.7AI score0.00107EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.11 views

F5 Networks BIG-IP : Appliance mode iControl REST vulnerability (K000160911)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000160911 advisory. When running in Appliance mode, a directory traversal vulnerability exists in an undisclosed iControl...

6.9CVSS5.5AI score0.00886EPSS
Exploits0References2
NVD
NVD
added 2026/05/13 4:16 p.m.11 views

CVE-2026-41217

A vulnerability exists in an undisclosed BIG-IP TMOS Shell tmsh command that may allow an authenticated attacker with resource administrator or administrator role to execute arbitrary system commands with higher privileges. In Appliance mode deployments, a successful exploit can allow the attacke...

8.3CVSS0.00107EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 2:12 p.m.7 views

CVE-2026-42919 F5 BIG-IP Appliance Mode Vulnerability

A vulnerability exists in BIG-IP systems that may allow an authenticated attacker with administrative access to escalate their privileges. A successful exploit may allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support EoTS are not...

7.1CVSS5.5AI score0.00288EPSS
Exploits0References1
CVE
CVE
added 2026/05/13 2:12 p.m.25 views

CVE-2026-42919

Affected product: BIG-IP ( appliance mode feature ). The issue allows an authenticated administrator to bypass appliance mode security and execute arbitrary commands with higher privileges, a control‑plane only escalation with no data‑plane exposure as described in the advisory. For BIG-IP Next/1...

7.1CVSS5.5AI score0.00288EPSS
Exploits0References1Affected Software21
RedhatCVE
RedhatCVE
added 2025/10/16 2:51 p.m.5 views

CVE-2025-61958

A vulnerability exists in the iHealth command that may allow an authenticated attacker with at least a resource administrator role to bypass tmsh restrictions and gain access to a bash shell. For BIG-IP systems running in Appliance mode, a successful exploit can allow the attacker to cross a...

9.1CVSS6.7AI score0.00367EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/15 3:30 p.m.7 views

EUVD-2025-34629

A vulnerability exists in the iHealth command that may allow an authenticated attacker with at least a resource administrator role to bypass tmsh restrictions and gain access to a bash shell. For BIG-IP systems running in Appliance mode, a successful exploit can allow the attacker to cross a...

8.7CVSS6.2AI score0.00367EPSS
Exploits0References2
OSV
OSV
added 2025/10/15 2:15 p.m.5 views

CVE-2025-61958

A vulnerability exists in the iHealth command that may allow an authenticated attacker with at least a resource administrator role to bypass tmsh restrictions and gain access to a bash shell. For BIG-IP systems running in Appliance mode, a successful exploit can allow the attacker to cross a...

8.7CVSS5.4AI score0.00367EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/15 1:55 p.m.6 views

CVE-2025-53868 BIG-IP SCP and SFTP vulnerability

When running in Appliance mode, a highly privileged authenticated attacker with access to SCP and SFTP may be able to bypass Appliance mode restrictions using undisclosed commands. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.3AI score0.00418EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:17 p.m.11 views

CVE-2021-23015

On BIG-IP 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.0.8 through 13.1.3.6, and all versions of 16.0.x, when running in Appliance Mode, an authenticated user assigned the 'Administrator' role may be able to bypass Appliance Mode restrictions utilizing undisclosed iControl REST endpoints...

7.2CVSS6.7AI score0.01343EPSS
Exploits0References1
NVD
NVD
added 2023/02/01 6:15 p.m.33 views

CVE-2023-22374

A format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary. Note...

8.5CVSS8.5AI score0.72646EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/05/04 2:0 p.m.2 views

CVE-2022-26415

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x, when running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance...

9.1CVSS5.8AI score0.00691EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/05/10 3:15 p.m.4 views

CVE-2021-23015

On BIG-IP 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.0.8 through 13.1.3.6, and all versions of 16.0.x, when running in Appliance Mode, an authenticated user assigned the 'Administrator' role may be able to bypass Appliance Mode restrictions utilizing undisclosed iControl REST endpoints...

7.2CVSS7AI score0.01343EPSS
Exploits0References1
OSV
OSV
added 2018/10/31 2:29 p.m.5 views

CVE-2018-15321

When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.1.0-2.3.0, or Enterprise Manager 3.1.1 is licensed for Appliance Mode, Admin and Resource...

4.9CVSS5.8AI score0.00896EPSS
Exploits0References1
Rows per page
Query Builder