CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition VE may expose a mechanism for adjacent network layer 2 attackers to access local daemons and bypass port lockdown settings...

8.1CVSS6.8AI score0.00158EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:38 p.m.•5 views

CVE-2020-5923

In BIG-IP versions 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1 and BIG-IQ versions 5.4.0-7.0.0, Self-IP port-lockdown bypass via IPv6 link-local addresses...

5.4CVSS7AI score0.00073EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:13 p.m.•6 views

CVE-2020-5887

On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition VE may expose a mechanism for remote attackers to access local daemons and bypass port lockdown settings...

9.1CVSS6.9AI score0.00372EPSS

Exploits0References1

OSV•added 2024/10/16 3:15 p.m.•2 views

CVE-2024-45844

BIG-IP monitor functionality may allow an attacker to bypass access control restrictions, regardless of the port lockdown settings. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.6CVSS5.8AI score0.00053EPSS

Exploits1References2

CVE•added 2024/10/16 2:12 p.m.•78 views

CVE-2024-45844

CVE-2024-45844 affects F5 BIG-IP monitors vulnerability. The issue allows an authenticated attacker with Manager-level privileges (via Configuration utility or tmsh) to elevate privileges or modify configuration due to a monitor feature flaw. Affected BIG-IP versions and fixes: 15.1.x up to 15.1....

8.6CVSS7AI score0.00053EPSS

Exploits1References2Affected Software21

F5 Networks•added 2023/02/21 8:0 p.m.•29 views

K05123525: ConfigSync vulnerability CVE-2019-6649

Security Advisory Description F5 BIG-IP and Enterprise Manager may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings. CVE-2019-6649 Impact The vulnerability is only present when the system is configured for high availability ...

9.1CVSS8.7AI score0.00521EPSS

Exploits0Affected Software14

F5 Networks•added 2023/02/21 8:0 p.m.•47 views

K04280042: BIG-IP ASM vulnerability CVE-2019-6650

Security Advisory Description F5 BIG-IP ASM may expose sensitive information and allow the system configuration to be modified when using non-default settings. CVE-2019-6650 Impact The vulnerability is only present on multi-bladed systems VIPRION with BIG-IP ASM provisioned, on the following...

9.1CVSS8.8AI score0.00521EPSS

Exploits0Affected Software1

F5 Networks•added 2023/02/21 6:35 p.m.•28 views

K72442354: TMM vulnerability CVE-2018-15320

Security Advisory Description Undisclosed traffic patterns may lead to denial of service conditions for the BIG-IP system. The configuration which exposes this condition is the BIG-IP self IP address which is part of a VLAN group and has the Port Lockdown setting configured with anything other th...

7.5CVSS7.5AI score0.00682EPSS

Exploits0

F5 Networks•added 2022/12/30 10:51 p.m.•23 views

K05975972: BIG-IP self IP vulnerability CVE-2020-5923

Security Advisory Description Self-IP port-lockdown bypass by way of IPv6 link-local addresses. CVE-2020-5923 Impact Port lockdowns may be bypassable on accessible self IP addresses on an ipv6 link-local address. Security Advisory Status F5 Product Development has assigned ID 832885 BIG-IP and ID...

5.4CVSS5.8AI score0.00073EPSS

Exploits0Affected Software12

OSV•added 2022/08/04 6:15 p.m.•1 views

CVE-2022-33962

In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, certain iRules commands may allow an attacker to bypass the access control restrictions for a self IP address, regardless of the port lockdown settings...

6.7CVSS5.8AI score

Exploits0References1