F5 Networks BIG-IP : BIG-IP DNS TMUI vulnerability (K38893457)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5 / 15.1.6.1 / 16.1.3 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K38893457 advisory. A vulnerability exists in undisclosed pages of the BIG-IP DNS Traffic Management User Interface TM...

CVE-2022-33947

CVE-2022-33947 affects BIG-IP DNS TMUI (TMUI/DNS) in BIG-IP versions 16.0.x–16.1.2, 15.1.x, 14.1.x and 13.1.x; an authenticated operator can cause Tomcat restart and perform unauthorized DNS requests via undisclosed TMUI requests. Root cause: deserialization issue in TMUI leading to control-plane...

CVE-2022-33947 BIG-IP DNS TMUI Vulnerability CVE-2022-33947

In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, a vulnerability exists in undisclosed pages of the BIG-IP DNS Traffic Management User Interface TMUI that allows an authenticated attacker with at least operator role privileges to...

F5 BIG-IP DNS TMUI Denial of Service Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial-of-service vulnerability exists in the F5 BIG-IP DNS TMUI, which can be exploited by an authenticated attacker with ...

F5 BIG-IP has an unspecified vulnerability (CNVD-2022-74719)

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A security vulnerability exists in F5 BIG-IP that could be exploited to modify and delete Dashboards created by other BIG-IP...

F5 BIG-IP TMUI Cross-Site Scripting Vulnerability (CNVD-2022-77533)

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A cross-site scripting vulnerability exists in the F5 BIG-IP TMUI, which can be exploited by attackers to execute JavaScript ...

CVE-2022-27659

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1.x versions prior to 14.1.4.6, an authenticated attacker can modify or delete Dashboards created by other BIG-IP users in the Traffic Management User Interface TMUI. Note: Software versions which have reach...

Code injection

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1.x versions prior to 14.1.4.6, an authenticated attacker can modify or delete Dashboards created by other BIG-IP users in the Traffic Management User Interface TMUI. Note: Software versions which have reach...

CVE-2022-27659

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1.x versions prior to 14.1.4.6, an authenticated attacker can modify or delete Dashboards created by other BIG-IP users in the Traffic Management User Interface TMUI. Note: Software versions which have reach...

CVE-2022-27659

CVE-2022-27659 affects F5 BIG-IP TMUI (Traffic Management User Interface). An authenticated attacker can modify or delete dashboards created by other BIG-IP users on vulnerable branches. Affects 16.1.x (<16.1.2.2), 15.1.x (<15.1.5.1), and 14.1.x (

F5 Networks BIG-IP : TMUI XSS vulnerability (K92807525)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K92807525 advisory. - On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP, and F5 BIG-IP Guided Configuration GC all...

F5 Networks BIG-IP : BIG-IP TMUI vulnerability (K08510472)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K08510472 advisory. - On F5 BIG-IP AFM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to...

F5 Networks BIG-IP : BIG-IP TMUI vulnerability (K41877405)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K41877405 advisory. - On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1....

F5 Networks BIG-IP : TMUI XSS vulnerability (K25451853)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K25451853 advisory. - On 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...

F5 Networks BIG-IP : BIG-IP TMUI XSS vulnerability (K70300233)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K70300233 advisory. - On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1....

8x8: F5 BIG-IP TMUI RCE - CVE-2020-5902 (██.packet8.net)

@remonsec reported to us a vulnerability in F5 BIG-IP's Traffic Management User Interface TMUI, which exploited, could have led to RCE in undisclosed pages: CVE-2020-5902 We swiftly applied the fix to the F5 BIG-IP & restricted access further, which resolved the issue...

CVE-2022-23031

On BIG-IP FPS, ASM, and Advanced WAF versions 16.1.x before 16.1.1, 15.1.x before 15.1.4, and 14.1.x before 14.1.4.4, an XML External Entity XXE vulnerability exists in an undisclosed page of the F5 Advanced Web Application Firewall Advanced WAF and BIG-IP ASM Traffic Management User Interface...

CVE-2022-23031

On BIG-IP FPS, ASM, and Advanced WAF versions 16.1.x before 16.1.1, 15.1.x before 15.1.4, and 14.1.x before 14.1.4.4, an XML External Entity XXE vulnerability exists in an undisclosed page of the F5 Advanced Web Application Firewall Advanced WAF and BIG-IP ASM Traffic Management User Interface...

CVE-2022-23031

The CVE-2022-23031 entry corresponds to an XML External Entity (XXE) vulnerability in the F5 BIG-IP TMUI/Configuration utility used by Advanced WAF, ASM, and FPS. Affected versions include BIG-IP 16.1.x before 16.1.1, 15.1.x before 15.1.4, and 14.1.x before 14.1.4.4, where an authenticated, high-...

F5 Networks BIG-IP : TMUI XSS vulnerability (K29500533)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.4 / 15.1.4 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K29500533 advisory. - On BIG-IP DNS & GTM version 16.x before 16.1.0, 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, an...