F5 Big-Ip Afm vulnerabilities

5 known vulnerabilities affecting f5/big-ip_afm.

Total CVEs

5

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH4MEDIUM1

Vulnerabilities

Page 1 of 1

CVE-2022-41806HIGHCVSS 7.5≥ 16.1.x, < 16.1.3.2≥ 15.1.x, < 15.1.5.12022-10-19

CVE-2022-41806 [HIGH] CWE-400 CVE-2022-41806: In versions 16.1.x before 16.1.3.2 and 15.1.x before 15.1.5.1, when BIG-IP AFM Network Address Trans In versions 16.1.x before 16.1.3.2 and 15.1.x before 15.1.5.1, when BIG-IP AFM Network Address Translation policy with IPv6/IPv4 translation rules is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization.

CVE-2022-28695HIGHCVSS 7.2≥ 16.1.x, < 16.1.2.2≥ 15.1.x, < 15.1.5.1+2 more2022-05-05

CVE-2022-28695 [HIGH] CWE-20 CVE-2022-28695: On F5 BIG-IP AFM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versio On F5 BIG-IP AFM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, an authenticated attacker with high privileges can upload a maliciously crafted file to the BIG-IP AFM Configuration utility, which allows an attacker to run arbitrary commands. Note: Software ve

CVE-2019-6672HIGHCVSS 7.5v15.0.0-15.0.1v14.0.0-14.1.2+1 more2019-11-27

CVE-2019-6672 [HIGH] CVE-2019-6672: On BIG-IP AFM 15.0.0-15.0.1, 14.0.0-14.1.2, and 13.1.0-13.1.3.1, when bad-actor detection is configu On BIG-IP AFM 15.0.0-15.0.1, 14.0.0-14.1.2, and 13.1.0-13.1.3.1, when bad-actor detection is configured on a wildcard virtual server on platforms with hardware-based sPVA, the performance of the BIG-IP AFM system is degraded.

CVE-2017-6166MEDIUMCVSS 5.9≥ 12.0.0, ≤ 12.1.12017-11-22

CVE-2017-6166 [MEDIUM] CWE-415 CVE-2017-6166: In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel (TMM) may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts

CVE-2017-6168HIGHCVSS 7.4≥ 11.6.0, ≤ 11.6.2≥ 12.0.0, ≤ 12.1.2+1 more2017-11-17

CVE-2017-6168 [HIGH] CWE-203 CVE-2017-6168: On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encry