F5 Big-Ip Application Acceleration Manager vulnerabilities
485 known vulnerabilities affecting f5/big-ip_application_acceleration_manager.
Total CVEs
485
CISA KEV
11
actively exploited
Public exploits
19
Exploited in wild
11
Severity breakdown
CRITICAL36HIGH274MEDIUM170LOW5
Vulnerabilities
Page 19 of 25
CVE-2018-15312MEDIUMCVSS 6.1≥ 12.1.0, ≤ 12.1.3.6≥ 13.0.0, ≤ 13.1.1.12018-10-19
CVE-2018-15312 [MEDIUM] CWE-79 CVE-2018-15312: On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, a reflected Cross-Site Scripting (XSS) vulnerabili
On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, a reflected Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an authenticated user to execute JavaScript for the currently logged-in user.
nvd
CVE-2018-15315MEDIUMCVSS 6.1≥ 12.1.0, ≤ 12.1.3.6≥ 13.0.0, ≤ 13.1.1.12018-10-19
CVE-2018-15315 [MEDIUM] CWE-79 CVE-2018-15315: On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a reflected Cross Site Scripting (XSS) vu
On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a reflected Cross Site Scripting (XSS) vulnerability in an undisclosed Configuration Utility page.
nvd
CVE-2018-15311MEDIUMCVSS 5.9≥ 11.5.1, ≤ 11.5.6≥ 11.6.0.0, ≤ 11.6.3.2+2 more2018-10-10
CVE-2018-15311 [MEDIUM] CVE-2018-15311: When F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.5.1-11.5.6 is processing spe
When F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.5.1-11.5.6 is processing specially crafted TCP traffic with the Large Receive Offload (LRO) feature enabled, TMM may crash, leading to a failover event. This vulnerability is not exposed unless LRO is enabled, so most affected customers will be on 13.1.x. LRO has been available since 11
nvd
CVE-2016-7475HIGHCVSS 7.5≥ 11.4.0, ≤ 11.6.1≥ 12.0.0, ≤ 12.1.02018-10-08
CVE-2016-7475 [HIGH] CWE-20 CVE-2016-7475: Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or 11.4.0-11.5.4 HF1, the Traffic M
Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or 11.4.0-11.5.4 HF1, the Traffic Management Microkernel (TMM) may not properly clean-up pool member network connections when using SPDY or HTTP/2 virtual server profiles.
nvd
CVE-2018-14634HIGHCVSS 7.8KEVPoC≥ 11.2.1, < 11.6.4≥ 12.1.0, < 12.1.5+3 more2018-09-25
CVE-2018-14634 [HIGH] CWE-190 CVE-2018-14634: An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileg
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.
nvd
CVE-2018-5391HIGHCVSS 7.5Exploited≥ 11.5.1, < 11.6.5.1≥ 12.1.0, < 12.1.5+3 more2018-09-06
CVE-2018-5391 [HIGH] CWE-400 CVE-2018-5391: The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of speci
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current
nvd
CVE-2018-5390HIGHCVSS 7.5≥ 11.5.1, ≤ 11.6.3≥ 12.1.0, ≤ 12.1.3+2 more2018-08-06
CVE-2018-5390 [HIGH] CWE-400 CVE-2018-5390: Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() an
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.
nvd
CVE-2018-5530HIGHCVSS 7.5≥ 11.6.0, ≤ 11.6.3.1≥ 12.1.0, ≤ 12.1.3.5+1 more2018-07-25
CVE-2018-5530 [HIGH] CWE-400 CVE-2018-5530: F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.1 virtual servers with HTTP/2 profiles
F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.1 virtual servers with HTTP/2 profiles enabled are vulnerable to "HPACK Bomb".
nvd
CVE-2018-5542HIGHCVSS 8.1≥ 11.2.1, ≤ 11.6.3≥ 12.1.0, ≤ 12.1.3+1 more2018-07-25
CVE-2018-5542 [HIGH] CWE-20 CVE-2018-5542: F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.6, or 11.2.1-11.6.3.2 HTTPS health monitors do not validate t
F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.6, or 11.2.1-11.6.3.2 HTTPS health monitors do not validate the identity of the monitored server.
nvd
CVE-2018-5531HIGHCVSS 7.4≥ 11.2.1, ≤ 11.5.6≥ 11.6.0, ≤ 11.6.3.1+2 more2018-07-25
CVE-2018-5531 [HIGH] CWE-20 CVE-2018-5531: Through undisclosed methods, on F5 BIG-IP 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2
Through undisclosed methods, on F5 BIG-IP 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6, adjacent network attackers can cause a denial of service for VCMP guest and host systems. Attack must be sourced from adjacent network (layer 2).
nvd
CVE-2018-5537MEDIUMCVSS 5.3≥ 11.2.1, ≤ 11.5.6≥ 11.6.0, ≤ 11.6.3.1+2 more2018-07-25
CVE-2018-5537 [MEDIUM] CWE-20 CVE-2018-5537: A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.
A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 if the TMM virtual server is configured with a HTML or a Rewrite profile. TMM may restart while processing some specially prepared HTML content from the back end.
nvd
CVE-2018-5533HIGHCVSS 7.5≥ 11.5.0, ≤ 11.5.6≥ 11.6.0, ≤ 11.6.3.1+2 more2018-07-19
CVE-2018-5533 [HIGH] CWE-20 CVE-2018-5533: Under certain conditions on F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM
Under certain conditions on F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic.
nvd
CVE-2018-5534HIGHCVSS 7.5≥ 11.5.0, ≤ 11.5.6≥ 11.6.0, ≤ 11.6.3.1+3 more2018-07-19
CVE-2018-5534 [HIGH] CWE-20 CVE-2018-5534: Under certain conditions on F5 BIG-IP 13.1.0-13.1.0.5, 13.0.0, 12.1.0-12.1.3.1, 11.6.0-11.6.3.1, or
Under certain conditions on F5 BIG-IP 13.1.0-13.1.0.5, 13.0.0, 12.1.0-12.1.3.1, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic.
nvd
CVE-2018-5535HIGHCVSS 7.5≥ 11.2.1, ≤ 11.6.3≥ 12.1.0, ≤ 12.1.3+2 more2018-07-19
CVE-2018-5535 [HIGH] CWE-20 CVE-2018-5535: On F5 BIG-IP 14.0.0, 13.0.0-13.1.0, 12.1.0-12.1.3, or 11.5.1-11.6.3 specifically crafted HTTP respon
On F5 BIG-IP 14.0.0, 13.0.0-13.1.0, 12.1.0-12.1.3, or 11.5.1-11.6.3 specifically crafted HTTP responses, when processed by a Virtual Server with an associated QoE profile that has Video enabled, may cause TMM to incorrectly buffer response data causing the TMM to restart resulting in a Denial of Service.
nvd
CVE-2018-5532MEDIUMCVSS 5.3≥ 11.2.1, ≤ 11.5.6≥ 11.6.0, ≤ 11.6.3.1+2 more2018-07-19
CVE-2018-5532 [MEDIUM] CVE-2018-5532: On F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 a domain name cached within th
On F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 a domain name cached within the DNS Cache of TMM may continue to be resolved by the cache even after the parent server revokes the record, if the DNS Cache is receiving a stream of requests for the cached name.
nvd
CVE-2018-13405HIGHCVSS 7.8PoC≥ 13.0.0, < 13.1.3.5≥ 14.0.0, < 14.1.3.1+3 more2018-07-06
CVE-2018-13405 [HIGH] CWE-269 CVE-2018-13405: The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to c
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is th
nvd
CVE-2018-5527HIGHCVSS 7.5≥ 13.0.0, ≤ 13.1.0.72018-06-27
CVE-2018-5527 [HIGH] CWE-772 CVE-2018-5527: On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods against virtual servers confi
On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods against virtual servers configured with a Client SSL or Server SSL profile that has the SSL Forward Proxy feature enabled can force the Traffic Management Microkernel (tmm) to leak memory. As a result, system memory usage increases over time, which may eventually cause a decrease in
nvd
CVE-2018-5513HIGHCVSS 7.5≥ 11.2.1, ≤ 11.5.5≥ 11.6.1, ≤ 11.6.3+3 more2018-06-01
CVE-2018-5513 [HIGH] CWE-20 CVE-2018-5513: On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, a
On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, a malformed TLS handshake causes TMM to crash leading to a disruption of service. This issue is only exposed on the data plane when Proxy SSL configuration is enabled. The control plane is not impacted by this issue.
nvd
CVE-2018-5523HIGHCVSS 7.2≥ 11.5.1, ≤ 11.5.5≥ 11.6.1, ≤ 11.6.3+4 more2018-06-01
CVE-2018-5523 [HIGH] CVE-2018-5523: On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 and
On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 and Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.
nvd
CVE-2018-5525MEDIUMCVSS 4.3≥ 11.2.1, ≤ 11.5.5≥ 11.6.0, ≤ 11.6.3+2 more2018-06-01
CVE-2018-5525 [MEDIUM] CWE-200 CVE-2018-5525: A local file vulnerability exists in the F5 BIG-IP Configuration utility on versions 13.0.0, 12.1.0-
A local file vulnerability exists in the F5 BIG-IP Configuration utility on versions 13.0.0, 12.1.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 that exposes files containing F5-provided data only and do not include any configuration data, proxied traffic, or other potentially sensitive customer data.
nvd