Lucene search
K

98 matches found

Cvelist
Cvelist
added 2022/08/04 5:47 p.m.23 views

CVE-2022-34851 BIG-IP and BIG-IQ iControl SOAP vulnerability CVE-2022-34851

In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ Centralized Management all versions of 8.x, an authenticated attacker may cause iControl SOAP to become unavailable through undisclosed request...

4.3CVSS6.6AI score0.00658EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/08/04 12:0 a.m.3 views

PT-2022-22395 · F5 · Big-Iq Centralized Management +1

Name of the Vulnerable Software and Affected Versions: BIG-IP versions 13.1.x BIG-IP versions 14.1.x before 14.1.5.1 BIG-IP versions 15.1.x before 15.1.6.1 BIG-IP versions 16.1.x before 16.1.3.1 BIG-IP versions 17.0.x before 17.0.0.1 BIG-IQ Centralized Management versions 8.x Description: An...

6.5CVSS6.3AI score0.00658EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2022/08/03 9:20 p.m.28 views

Exploit for Cross-Site Request Forgery (CSRF) in F5 Big-Iq_Centralized_Management

This is a proof of concept for CVE-2022-41622, which is a CSRF i...

8.8CVSS8.1AI score0.87987EPSS
Exploits7
ATTACKERKB
ATTACKERKB
added 2022/08/03 2:0 p.m.1 views

CVE-2022-34851

In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ Centralized Management all versions of 8.x, an authenticated attacker may cause iControl SOAP to become unavailable through undisclosed request...

6.5CVSS6AI score0.00658EPSS
Exploits0References2Affected Software2
Tenable Nessus
Tenable Nessus
added 2022/08/03 12:0 a.m.42 views

F5 Networks BIG-IP : BIG-IP and BIG-IQ iControl SOAP vulnerability (K50310001)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.1 / 15.1.6.1 / 16.1.3.1 / 17.0.0.1 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K50310001 advisory. An authenticated attacker may cause iControl SOAP to become unavailable through...

6.5CVSS6.6AI score0.00658EPSS
Exploits0References2
CNVD
CNVD
added 2022/05/07 12:0 a.m.52 views

F5 BIG-IP iControl SOAP Directory Traversal Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A directory traversal vulnerability exists in F5 BIG-IP iControl SOAP, which can be exploited by an attacker to send a crafted...

4.3CVSS4.7AI score0.01469EPSS
Exploits0References1
Prion
Prion
added 2022/05/05 5:15 p.m.29 views

Directory traversal

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, a directory traversal vulnerability exists in iControl SOAP that allows an authenticated attacker with at...

4CVSS4.4AI score0.01469EPSS
Exploits0References1Affected Software11
Cvelist
Cvelist
added 2022/05/05 4:45 p.m.27 views

CVE-2022-29474

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, a directory traversal vulnerability exists in iControl SOAP that allows an authenticated attacker with at...

4.3CVSS4.7AI score0.01469EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/05/05 12:0 a.m.58 views

F5 Networks BIG-IP : iControl SOAP vulnerability (K59904248)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K59904248 advisory. - On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1,...

4.3CVSS5.3AI score0.01469EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/05/04 7:11 p.m.5 views

CVE-2022-29474

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, a directory traversal vulnerability exists in iControl SOAP that allows an authenticated attacker with at...

4.3CVSS5.9AI score0.01469EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/05/04 12:0 a.m.3 views

F5 BIG-IP 路径遍历漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A directory traversal vulnerability exists in F5 BIG-IP iControl SOAP, which can be exploited by an attacker to send a crafted...

4.3CVSS5.3AI score0.01469EPSS
Exploits0References4
OSV
OSV
added 2021/09/14 10:15 p.m.5 views

CVE-2021-23026

BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x and all versions of BIG-IQ 8.x, 7.x, and 6.x are vulnerable to cross-site request forgery CSRF attacks through iControl SOAP. Note: Software versions...

8.8CVSS5.7AI score0.00481EPSS
Exploits0References1
Prion
Prion
added 2021/09/14 10:15 p.m.18 views

Cross site request forgery (csrf)

BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x and all versions of BIG-IQ 8.x, 7.x, and 6.x are vulnerable to cross-site request forgery CSRF attacks through iControl SOAP. Note: Software versions...

6.8CVSS8.7AI score0.00481EPSS
Exploits0References1Affected Software15
CVE
CVE
added 2021/09/14 9:57 p.m.93 views

CVE-2021-23026

Summary: CVE-2021-23026 affects F5 BIG-IP and BIG-IQ via a CSRF flaw in iControl SOAP that can trick authenticated users into performing actions on the control plane. The vulnerability affects multiple release lines (e.g., BIG-IP 16.0.x up to 16.0.1.2, 15.1.x up to 15.1.2, 14.1.x up to 14.1.4, 13...

8.8CVSS8.7AI score0.00481EPSS
Exploits0References1Affected Software15
Cvelist
Cvelist
added 2021/09/14 9:57 p.m.24 views

CVE-2021-23026

BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x and all versions of BIG-IQ 8.x, 7.x, and 6.x are vulnerable to cross-site request forgery CSRF attacks through iControl SOAP. Note: Software versions...

9.1AI score0.00481EPSS
Exploits0References1
CNVD
CNVD
added 2021/08/26 12:0 a.m.34 views

F5 BIG-IP iControl SOAP CSRF Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A CSRF vulnerability exists in F5 BIG-IP iControl SOAP, which could be exploited by an attacker to potentially trick...

8.8CVSS4.9AI score0.00481EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/08/24 12:0 a.m.8 views

F5 BIG-IP 跨站请求伪造漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A CSRF vulnerability exists in F5 BIG-IP iControl SOAP, which could be exploited by an attacker to potentially trick...

8.8CVSS5.7AI score0.00481EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2016/09/06 12:0 a.m.47 views

SOL65460334 - Expat XML parser vulnerability CVE-2012-6702

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.9CVSS2.1AI score0.02371EPSS
Exploits0References8
Rows per page
Query Builder