57 matches found
CVE-2026-20001
A vulnerability in the REST API of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inadequate validation of user-supplied input. An attacker could exploit this vulnerability by sending...
CVE-2026-2507
When BIG-IP AFM or BIG-IP DDoS is provisioned, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-2507
CVE-2026-2507 affects BIG-IP AFM and BIG-IP DDoS Hybrid Defender where provisioning can trigger Traffic Management Microkernel (TMM) termination due to undisclosed traffic, causing DoS. The advisory notes EoTS-excluded versions. Affected versions are not fully listed in these sources, but F5’s K0...
CVE-2026-2507
When BIG-IP AFM or BIG-IP DDoS is provisioned, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
F5 Networks BIG-IP : BIG-IP TMM vulnerability (K000160003)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.5.1.5 / Hotfix- BIGIP-17.5.1.4.0.17.20-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000160003 advisory. When BIG-IP AFM or BIG-IP DDoS Hybrid Defender is provisioned, undisclosed traffic...
PT-2026-20463
Name of the Vulnerable Software and Affected Versions BIG-IP AFM and BIG-IP DDoS affected versions not specified Description Undisclosed traffic can cause Traffic Management Microkernel TMM to terminate when BIG-IP Application Firewall AFM or BIG-IP Distributed Denial of Service DDoS is...
CVE-2025-59478
When a BIG-IP AFM denial-of-service DoS protection profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
K000150010: BIG-IP AFM security exposure
Security Advisory Description After a reboot, the BIG-IP AFM ipsd process may unexpectedly fail to enforce the Intrusion Prevention System IPS signatures configured for protocol inspection profiles. This condition can persist for some time even though the system reports the protocol inspection...
EUVD-1999-0158
Malware in sbrugna...
EUVD-2017-15207
Malware in sbrugna...
The vulnerability of the IPS software modules of BIG-IP Next CNF (Cloud-Native Functions) and BIG-IP AFM (Advanced Firewall Manager) allows attackers to cause service interruptions.
The vulnerability of the IPS software solutions for network security, BIG-IP Next CNF Cloud-Native Functions and BIG-IP AFM Advanced Firewall Manager, is related to unlimited resource allocation. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
Access Control Bypass
sigs.k8s.io/aws-load-balancer-controller is vulnerable to Access control bypass. The vulnerability is due to the controller’s automatic disassociation of WebACLs from ALBs when specific annotations are missing, which unintentionally removes WebACL protections, even if they were configured by AWS...
CVE-2024-25560
When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
F5 BIG-IP AFM Security Vulnerability
F5 BIG-IP AFM is an advanced firewall product for protection against DDos attacks from F5 USA. A security vulnerability exists in the F5 BIG-IP AFM that stems from the fact that for unspecified traffic patterns, the BIG-IP AFM IPS engine may take an excessive amount of time to match traffic to...
PT-2024-19042 · F5 · Big-Ip Afm
Name of the Vulnerable Software and Affected Versions: BIG-IP AFM affected versions not specified Description: When BIG-IP AFM Device DoS or DoS profile is configured with NXDOMAIN attack vector and bad actor detection, undisclosed queries can cause the Traffic Management Microkernel TMM to...
The vulnerability of the BIG-IP Access Policy Manager’s access control and remote authentication mechanisms, as well as the software products such as BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Hybrid Defender, BIG-IP Domain Name System, BIG-IP Fraud Protection Service, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Enforcement Manager, BIG-IP Orchestrator, allows a perpetrator to trigger a service failure.
The vulnerabilities of the BIG-IP Access Policy Manager, as well as the BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Hybrid Defender, BIG-IP Domain Name System, BIG-IP Fraud Protection Service, BIG-IP Link...
The vulnerability of the BIG-IP Access Policy Manager’s access control and remote authentication mechanisms, as well as the software products such as BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Hybrid Defender, BIG-IP Domain Name System, BIG-IP Fraud Protection Service, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Enforcement Manager, BIG-IP Orchestrator, allows a perpetrator to trigger a service failure.
The vulnerabilities of the BIG-IP Access Policy Manager, as well as the BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Hybrid Defender, BIG-IP Domain Name System, BIG-IP Fraud Protection Service, BIG-IP Link...
The vulnerability of the BIG-IP Access Policy Manager’s access control and remote authentication mechanisms, as well as the software products such as BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Hybrid Defender, BIG-IP Domain Name System, BIG-IP Fraud Protection Service, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Enforcement Manager, BIG-IP Orchestrator, allows a perpetrator to trigger a service failure.
The vulnerabilities of the BIG-IP Access Policy Manager, as well as the BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Hybrid Defender, BIG-IP Domain Name System, BIG-IP Fraud Protection Service, BIG-IP Link...
The vulnerability of the BIG-IP Access Policy Manager, as well as software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibility and Reporting (AVR), BIG-IP DDos Hybrid Defender, BIG-IP Domain Name System, BIG-IP Fraud Protection Service, BIG-IP Global Traffic Manager, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Inforcement Manager, BIG-IP SSL Orchestrator, BIG-IP Webaccelerator, and BIG-IP WebSafe, is related to incorrect session duration settings. This allows attackers to gain unauthorized access to protected information.
The vulnerabilities of the BIG-IP Access Policy Manager, as well as of software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibili...
The vulnerabilities of the BIG-IP Access Policy Manager, as well as of software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibility and Reporting (AVR), BIG-IP Camer-Grade NAT (CGNAT), BIG-IP DDos Hybrid Defender, BIG-IP Domain Name System, BIG-IP Edge Gateway, BIG-IP Fraud Protection Service, BIG-IP Global Traffic Manager, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Inforcement Manager, BIG-IP SSL Orchestrator, BIG-IP Webaccelerator, and BIG-IP WebSafe, when running on the BIG-IP TMOS Shel operating system, allow attackers to expose the protected information.
The vulnerabilities of the BIG-IP Access Policy Manager, as well as of software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibili...