F5 Big-Ip Application Security Manager vulnerabilities
540 known vulnerabilities affecting f5/big-ip_application_security_manager.
Total CVEs
540
CISA KEV
11
actively exploited
Public exploits
23
Exploited in wild
11
Severity breakdown
CRITICAL43HIGH310MEDIUM180LOW7
Vulnerabilities
Page 23 of 27
CVE-2018-5511HIGHCVSS 7.2PoCv13.0.0v13.1.02018-04-13
CVE-2018-5511 [HIGH] CWE-470 CVE-2018-5511: On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands in
On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.
nvd
CVE-2017-6143MEDIUMCVSS 5.4≥ 11.5.1, ≤ 11.5.5≥ 11.6.1, ≤ 11.6.2+1 more2018-04-13
CVE-2017-6143 [MEDIUM] CWE-295 CVE-2017-6143: X509 certificate verification was not correctly implemented in the IP Intelligence Subscription and
X509 certificate verification was not correctly implemented in the IP Intelligence Subscription and IP Intelligence feed-list features, and thus the remote server's identity is not properly validated in F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.2, or 11.5.0-11.5.5.
nvd
CVE-2017-6158MEDIUMCVSS 6.5≥ 11.5.1, ≤ 11.5.5≥ 11.6.0, ≤ 11.6.1+2 more2018-04-13
CVE-2017-6158 [MEDIUM] CVE-2017-6158: In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM
In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM related to handling of invalid IP addresses.
nvd
CVE-2017-6156MEDIUMCVSS 6.4≥ 11.5.1, ≤ 11.5.5≥ 12.1.0, ≤ 12.1.1+2 more2018-04-13
CVE-2017-6156 [MEDIUM] CVE-2017-6156: When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured with
When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured with a wildcard IPSec tunnel endpoint, it may allow a remote attacker to disrupt or impersonate the tunnels that have completed phase 1 IPSec negotiations. The attacker must possess the necessary credentials to negotiate the phase 1 of the IPSec exchange to exploit t
nvd
CVE-2016-7472HIGHCVSS 7.5v12.1.0v12.1.12018-04-03
CVE-2016-7472 [HIGH] CWE-20 CVE-2016-7472: F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS)
F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request.
nvd
CVE-2018-5509HIGHCVSS 7.5≥ 12.1.0, < 12.3.1.2≥ 13.0.0, < 13.1.0.42018-03-22
CVE-2018-5509 [HIGH] CWE-20 CVE-2018-5509: On F5 BIG-IP versions 13.0.0 or 12.1.0 - 12.1.3.1, when a specifically configured virtual server rec
On F5 BIG-IP versions 13.0.0 or 12.1.0 - 12.1.3.1, when a specifically configured virtual server receives traffic of an undisclosed nature, TMM will crash and take the configured failover action, potentially causing a denial of service. The configuration which exposes this issue is not common and in general does not work when enabled in previous versions
nvd
CVE-2018-5502HIGHCVSS 7.5≥ 13.0.0, < 13.1.0.42018-03-22
CVE-2018-5502 [HIGH] CWE-295 CVE-2018-5502: On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP sys
On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. This vulnerability affects virtual servers associated with Client SSL profile which enables the use of client certificate authentication. Client certificate authentication is not enabled by default in Clien
nvd
CVE-2018-5504HIGHCVSS 8.1≥ 12.1.0, < 12.1.3.2≥ 13.0.0, < 13.1.0.42018-03-22
CVE-2018-5504 [HIGH] CVE-2018-5504: In some circumstances, the Traffic Management Microkernel (TMM) does not properly handle certain mal
In some circumstances, the Traffic Management Microkernel (TMM) does not properly handle certain malformed Websockets requests/responses, which allows remote attackers to cause a denial-of-service (DoS) or possible remote code execution on the F5 BIG-IP system running versions 13.0.0 - 13.1.0.3 or 12.1.0 - 12.1.3.1.
nvd
CVE-2018-5505MEDIUMCVSS 5.9≥ 13.1.0, < 13.1.0.42018-03-22
CVE-2018-5505 [MEDIUM] CVE-2018-5505: On F5 BIG-IP versions 13.1.0 - 13.1.0.3, when ASM and AVR are both provisioned, TMM may restart whil
On F5 BIG-IP versions 13.1.0 - 13.1.0.3, when ASM and AVR are both provisioned, TMM may restart while processing DNS requests when the virtual server is configured with a DNS profile and the Protocol setting is set to TCP.
nvd
CVE-2014-4024MEDIUMCVSS 5.9≥ 10.0.0, ≤ 10.2.4≥ 11.0.0, ≤ 11.5.12018-03-19
CVE-2014-4024 [MEDIUM] CWE-200 CVE-2014-4024: SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 bef
SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer (SSL) accelerator cards, might allow remote attackers to have unspecified impact via a timing side-channel attack.
nvd
CVE-2017-6150HIGHCVSS 7.5≥ 12.1.0, ≤ 12.1.3.1v13.0.02018-03-01
CVE-2017-6150 [HIGH] CWE-20 CVE-2017-6150: Under certain conditions for F5 BIG-IP systems 13.0.0 or 12.1.0 - 12.1.3.1, using FastL4 profiles, w
Under certain conditions for F5 BIG-IP systems 13.0.0 or 12.1.0 - 12.1.3.1, using FastL4 profiles, when the Reassemble IP Fragments option is disabled (default), some specific large fragmented packets may restart the Traffic Management Microkernel (TMM).
nvd
CVE-2017-6154HIGHCVSS 7.5≥ 11.6.1, ≤ 11.6.2≥ 12.1.0, ≤ 12.1.3.1+1 more2018-03-01
CVE-2017-6154 [HIGH] CWE-20 CVE-2017-6154: On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, the BIG-IP ASM bd daemon
On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, the BIG-IP ASM bd daemon may core dump memory under some circumstances when processing undisclosed types of data on systems with 48 or more CPU cores.
nvd
CVE-2018-5501MEDIUMCVSS 5.9≥ 11.5.1, ≤ 11.5.4≥ 11.6.1, ≤ 11.6.2+3 more2018-03-01
CVE-2018-5501 [MEDIUM] CWE-400 CVE-2018-5501: In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, any 11.6.x or 11.5.x
In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, any 11.6.x or 11.5.x release, or 11.2.1, TCP DNS profile allows excessive buffering due to lack of flow control.
nvd
CVE-2018-5500MEDIUMCVSS 5.9≥ 11.6.1, ≤ 11.6.2≥ 12.1.0, ≤ 12.1.3.1+1 more2018-03-01
CVE-2018-5500 [MEDIUM] CWE-400 CVE-2018-5500: On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, every Multipath TCP (MCT
On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, every Multipath TCP (MCTCP) connection established leaks a small amount of memory. Virtual server using TCP profile with Multipath TCP (MCTCP) feature enabled will be affected by this issue.
nvd
CVE-2017-6167HIGHCVSS 7.5≥ 12.1.0, ≤ 12.1.2v13.0.02017-12-21
CVE-2017-6167 [HIGH] CWE-362 CVE-2017-6167: In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software vers
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, race conditions in iControl REST may lead to commands being executed with different privilege levels than expected.
nvd
CVE-2017-6140HIGHCVSS 7.5v11.5.0v11.5.1+9 more2017-12-21
CVE-2017-6140 [HIGH] CWE-20 CVE-2017-6140: On the BIG-IP 2000s, 2200s, 4000s, 4200v, i5600, i5800, i7600, i7800, i10600,i10800, and VIPRION 445
On the BIG-IP 2000s, 2200s, 4000s, 4200v, i5600, i5800, i7600, i7800, i10600,i10800, and VIPRION 4450 blades, running version 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1 or 12.1.2 of BIG-IP LTM, AAM, AFM, Analytics, ASM, DNS, GTM or PEM, an undisclosed sequence of packets sent to Virtual Servers with client or server SS
nvd
CVE-2017-6164HIGHCVSS 8.1≥ 11.6.0, ≤ 11.6.1≥ 12.0.0, ≤ 12.1.2+6 more2017-12-21
CVE-2017-6164 [HIGH] CWE-20 CVE-2017-6164: In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAc
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, 12.0.0 - 12.1.2, 11.6.0 - 11.6.1 and 11.5.0 - 11.5.4, in some circumstances, Traffic Management Microkernel (TMM) does not properly handle certain malformed TLS1.2 records, which allows remote attackers to cau
nvd
CVE-2017-6133HIGHCVSS 7.5≥ 12.1.0, ≤ 12.1.2v13.0.02017-12-21
CVE-2017-6133 [HIGH] CWE-20 CVE-2017-6133: In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software vers
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, undisclosed HTTP requests may cause a denial of service.
nvd
CVE-2017-6151HIGHCVSS 7.5v13.0.02017-12-21
CVE-2017-6151 [HIGH] CVE-2017-6151: In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAc
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, undisclosed requests made to BIG-IP virtual servers which make use of the "HTTP/2 profile" may result in a disruption of service to TMM.
nvd
CVE-2017-6132HIGHCVSS 7.5≥ 11.6.0, ≤ 11.6.1≥ 12.0.0, ≤ 12.1.2+6 more2017-12-21
CVE-2017-6132 [HIGH] CWE-20 CVE-2017-6132: In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 and 11.5.0 - 11.5.4, an undisclosed sequence of packets sent to BIG-IP High Availability state mirror listeners (primary and/or secondary IP) may cause TMM to restart.
nvd