674 matches found

Positive Technologies
added 2022/05/05 12:0 a.m. · 4 views

PT-2022-17831 · F5 · F5 BIG-IP

Name of the Vulnerable Software and Affected Versions: F5 BIG-IP versions 12.1.x; F5 BIG-IP versions 13.1.x prior to 13.1.5; F5 BIG-IP versions 14.1.x prior to 14.1.4.6; F5 BIG-IP versions 15.1.x prior to 15.1.5.1; F5 BIG-IP versions 16.1.x prior to 16.1.2.2. Description: An authenticated user assigne...

CVSS 9.1 · AI score 9 · EPSS 0.00676
Exploits: 0 · References: 3

Tenable Nessus
added 2022/05/05 12:0 a.m. · 26 views

F5 Networks BIG-IP : Authenticated iControl REST in Appliance mode vulnerability (K81952114)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K81952114 advisory. - On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1,...

CVSS 9.1 · AI score 7.2 · EPSS 0.00676
Exploits: 0 · References: 2

Tenable Nessus
added 2022/05/05 12:0 a.m. · 212 views

F5 Networks BIG-IP : BIG-IP iControl REST vulnerability (K23605346)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K23605346 advisory. - On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1,...

CVSS 9.8 · AI score 8.8 · EPSS 0.99956
Exploits: 63 · References: 2

Tenable Nessus
added 2022/05/05 12:0 a.m. · 56 views

F5 Networks BIG-IP : iControl SOAP vulnerability (K59904248)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K59904248 advisory. - On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1,...

CVSS 4.3 · AI score 5.3 · EPSS 0.01438
Exploits: 0 · References: 2

ATTACKERKB
added 2022/05/04 8:34 p.m. · 5 views

CVE-2022-1468

On all versions of 17.0.x, 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x on F5 BIG-IP, an authenticated iControl REST user with at least guest role privileges can cause processing delays to iControl REST requests via undisclosed requests. Note: Software versions which have reached End of...

CVSS 4.3 · AI score 5.5 · EPSS 0.00745
Exploits: 0 · References: 2 · Affected Software: 1

ATTACKERKB
added 2022/05/04 7:11 p.m. · 4 views

CVE-2022-29474

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, a directory traversal vulnerability exists in iControl SOAP that allows an authenticated attacker with at...

CVSS 4.3 · AI score 5.9 · EPSS 0.01438
Exploits: 0 · References: 2 · Affected Software: 1

ATTACKERKB
added 2022/05/04 2:0 p.m. · 3 views

CVE-2022-26835

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, directory traversal vulnerabilities exist in undisclosed iControl REST endpoints and TMOS Shell (tmsh) comman...

CVSS 4.9 · AI score 6 · EPSS 0.01737
Exploits: 0 · References: 2 · Affected Software: 1

ATTACKERKB
added 2022/05/04 12:0 a.m. · 123 views

CVE-2022-1388

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End o...

CVSS 9.8 · AI score 9.8 · EPSS 0.99956
In wild · Exploits: 63 · References: 6

CNNVD
added 2022/05/04 12:0 a.m. · 2 views

F5 BIG-IP Path Traversal Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A directory traversal vulnerability exists in F5 BIG-IP iControl SOAP, which can be exploited by an attacker to send a crafted...

CVSS 4.3 · AI score 5.3 · EPSS 0.01438
Exploits: 0 · References: 4

CNNVD
added 2022/05/04 12:0 a.m. · 3 views

F5 BIG-IP Access Control Error Vulnerability

F5 BIG-IP is an application delivery platform that integrates traffic management, DNS, inbound and outbound rules, web application firewall, web gateway, load balancing and other functions. F5 BIG-IP iControl REST authentication bypass vulnerability, the vulnerability is due to the authentication...

CVSS 9.8 · AI score 9 · EPSS 0.99956
Exploits: 63 · References: 13

Tenable Nessus
added 2022/05/04 12:0 a.m. · 33 views

F5 Networks BIG-IP : BIG-IP iControl REST and tmsh vulnerabilities (K53197140)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K53197140 advisory. - On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1,...

CVSS 4.9 · AI score 5.7 · EPSS 0.01737
Exploits: 0 · References: 2

OSV
added 2022/01/25 8:15 p.m. · 3 views

CVE-2022-23023

On BIG-IP version 16.1.x before 16.1.2.1, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all versions of 13.1.x and 12.1.x, and BIG-IQ all versions of 8.x and 7.x, undisclosed requests by an authenticated iControl REST user can cause an increase in memory resource utilization. Note: Software...

CVSS 6.5 · AI score 5.8 · EPSS 0.00895
Exploits: 0 · References: 1

ATTACKERKB
added 2022/01/25 8:15 p.m. · 5 views

CVE-2022-23023

On BIG-IP version 16.1.x before 16.1.2.1, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all versions of 13.1.x and 12.1.x, and BIG-IQ all versions of 8.x and 7.x, undisclosed requests by an authenticated iControl REST user can cause an increase in memory resource utilization. Note: Software...

CVSS 6.5 · AI score 5.8 · EPSS 0.00895
Exploits: 0 · References: 2

CVE
added 2022/01/25 7:11 p.m. · 103 views

CVE-2022-23023

CVE-2022-23023 affects F5 BIG-IP and BIG-IQ where undisclosed requests by an authenticated iControl REST user can cause memory resource utilization to rise, potentially degrading performance or causing DoS. Affected branches include BIG-IP 16.x before 16.1.2.1, 15.x before 15.1.5, 14.x before 14....

CVSS 6.5 · AI score 6.6 · EPSS 0.00895
Exploits: 0 · References: 1 · Affected Software: 15

Tenable Nessus
added 2022/01/19 12:0 a.m. · 26 views

F5 Networks BIG-IP : iControl REST vulnerability (K11742742)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.5 / 15.1.5 / 16.1.2.1 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K11742742 advisory. Undisclosed requests by an authenticated iControl REST user can cause an increase in...

CVSS 6.5 · AI score 6.5 · EPSS 0.00895
Exploits: 0 · References: 2

CISA KEV Catalog
added 2021/11/03 12:0 a.m. · 19 views

F5 BIG-IP and BIG-IQ Centralized Management iControl REST Remote Code Execution Vulnerability

F5 BIG-IP and BIG-IQ Centralized Management contain a remote code execution vulnerability in the iControl REST interface that allows unauthenticated attackers with network access to execute system commands, create or delete files, and disable services...

CVSS 10 · AI score 9.6 · EPSS 0.99898
In wild · Exploits: 20

Tenable Nessus
added 2021/10/28 12:0 a.m. · 36 views

F5 Networks BIG-IP : Appliance Mode authenticated iControl REST vulnerability (K74151369)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4 / 14.1.4.2 / 15.1.3 / 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K74151369 advisory. - On BIG-IP 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.0.8 through 13.1.3.6, an...

CVSS 7.2 · AI score 7.1 · EPSS 0.01343
Exploits: 0 · References: 2

OSV
added 2021/09/14 10:15 p.m. · 3 views

CVE-2021-23026

BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x and all versions of BIG-IQ 8.x, 7.x, and 6.x are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: Software versions...

CVSS 8.8 · AI score 5.7 · EPSS 0.00466
Exploits: 0 · References: 1

Prion
added 2021/09/14 10:15 p.m. · 16 views

Cross-site request forgery (CSRF)

BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x and all versions of BIG-IQ 8.x, 7.x, and 6.x are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: Software versions...

CVSS 6.8 · AI score 8.7 · EPSS 0.00466
Exploits: 0 · References: 1 · Affected Software: 15

Cvelist
added 2021/09/14 9:57 p.m. · 20 views

CVE-2021-23026

BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x and all versions of BIG-IQ 8.x, 7.x, and 6.x are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: Software versions...

AI score 9.1 · EPSS 0.00466
Exploits: 0 · References: 1