Big-ip Application Security Manager Security Vulnerabilities and Issues — Page 2 of Big-ip Application Security Manager CVE List

Lucene search

F5Big-ip Application Security Manager

58 matches found

CVE•added 2021/09/14 6:15 p.m.•48 views

CVE-2021-23034

On BIG-IP version 16.x before 16.1.0 and 15.1.x before 15.1.3.1, when a DNS profile using a DNS cache resolver is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical...

7.5CVSS7.5AI score0.00916EPSS

CVE•added 2021/09/14 6:15 p.m.•48 views

CVE-2021-23035

On BIG-IP 14.1.x before 14.1.4.4, when an HTTP profile is configured on a virtual server, after a specific sequence of packets, chunked responses can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evalu...

7.5CVSS7.5AI score0.00862EPSS

CVE•added 2021/09/14 6:15 p.m.•47 views

CVE-2021-23038

On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in...

9CVSS8.1AI score0.00542EPSS

CVE•added 2021/09/14 1:15 p.m.•47 views

CVE-2021-23049

On BIG-IP version 16.0.x before 16.0.1.2 and 15.1.x before 15.1.3, when the iRules RESOLVER::summarize command is used on a virtual server, undisclosed requests can cause an increase in Traffic Management Microkernel (TMM) memory utilization resulting in an out-of-memory condition and a denial-of-s...

7.5CVSS7.7AI score0.00891EPSS

CVE•added 2021/09/14 6:15 p.m.•46 views

CVE-2021-23037

On all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: S...

9.6CVSS8.2AI score0.01182EPSS

CVE•added 2021/09/14 6:15 p.m.•45 views

CVE-2021-23039

On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.2.8, and all versions of 13.1.x and 12.1.x, when IPSec is configured on a BIG-IP system, undisclosed requests from an authorized remote (IPSec) peer, which already has a negotiated Security Association, can cause the Traffi...

7.5CVSS7.6AI score0.00574EPSS

CVE•added 2021/09/14 4:15 p.m.•45 views

CVE-2021-23044

On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x, when the Intel QuickAssist Technology (QAT) compression driver is used on affected BIG-IP hardware and BIG-IP Virtual Edition (VE) platforms, undisclo...

7.5CVSS7.5AI score0.00891EPSS

CVE•added 2021/09/14 1:15 p.m.•40 views

CVE-2021-23048

On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x, when GPRS Tunneling Protocol (GTP) iRules commands or a GTP profile is configured on a virtual server, undisclosed GTP messages can cause the Traf...

7.5CVSS7.7AI score0.00891EPSS

Total number of security vulnerabilities58