F5 Enterprise Manager vulnerabilities

39 known vulnerabilities affecting f5/enterprise_manager.

Total CVEs

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL6HIGH15MEDIUM17LOW1

Vulnerabilities

Page 2 of 2

CVE-2018-15321MEDIUMCVSS 4.9v3.1.12018-10-31

CVE-2018-15321 [MEDIUM] CWE-269 CVE-2018-15321: When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BI When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.1.0-2.3.0, or Enterprise Manager 3.1.1 is licensed for Appliance Mode, Admin and Resource administrator roles can by-pass BIG-IP Appliance Mode restric

nvd

CVE-2018-14634HIGHCVSS 7.8KEVPoCv3.1.12018-09-25

CVE-2018-14634 [HIGH] CWE-190 CVE-2018-14634: An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileg An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.

nvd

CVE-2018-5540MEDIUMCVSS 4.4v3.1.12018-07-19

CVE-2018-5540 [MEDIUM] CWE-732 CVE-2018-5540: On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3 On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.1.0-2.3.0 the big3d process does not irrevocably minimize group privileges at start up.

nvd

CVE-2018-5523HIGHCVSS 7.2v3.1.12018-06-01

CVE-2018-5523 [HIGH] CVE-2018-5523: On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 and On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 and Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.

nvd

CVE-2016-7469MEDIUMCVSS 5.4v3.1.12017-06-09

CVE-2016-7469 [MEDIUM] CWE-79 CVE-2016-7469: A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change pa A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML.

nvd

CVE-2017-6128HIGHCVSS 7.5v3.1.12017-05-01

CVE-2017-6128 [HIGH] CVE-2017-6128: An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 B An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow.

nvd

CVE-2016-5022CRITICALCVSS 9.8v3.1.12016-09-07

CVE-2016-5022 [CRITICAL] CWE-284 CVE-2016-5022: F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 1 F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, Web

nvd

CVE-2015-4040MEDIUMCVSS 4.0PoCv3.0.0v3.1.0+1 more2015-09-17

CVE-2015-4040 [MEDIUM] CWE-22 CVE-2015-4040: Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterp Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors.

nvd

CVE-2015-4047HIGHCVSS 7.8≥ 3.0.0, ≤ 3.1.12015-05-29

CVE-2015-4047 [HIGH] CWE-476 CVE-2015-4047: racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL poin racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.

nvd

CVE-2014-6032MEDIUMCVSS 5.5v3.0.0v3.1.0+4 more2014-11-01

CVE-2014-6032 [MEDIUM] CVE-2014-6032: Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, AS Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, ASM, GTM, and Link Controller 11.0 through 11.6.0 and 10.0.0 through 10.2.4, AAM 11.4.0 through 11.6.0, ARM 11.3.0 through 11.6.0, Analytics 11.0.0 through 11.6.0, APM and Edge Gateway 11.0.0 through 11.6.0 and 10.1.0 through 10.2.4, PEM 11.3.0 through 11.6.0, PS

nvd

CVE-2014-4023MEDIUMCVSS 4.3v3.0.0v3.1.0+4 more2014-10-28

CVE-2014-4023 [MEDIUM] CWE-79 CVE-2014-4023: Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and

nvd

CVE-2014-2927CRITICALCVSS 9.3PoCv2.1.0v2.2.0+4 more2014-10-15

CVE-2014-2927 [CRITICAL] CWE-287 CVE-2014-2927: The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 befor The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a

nvd

CVE-2014-7169CRITICALCVSS 9.8KEVPoC≥ 2.1.0, ≤ 2.3.0≥ 3.0.0, ≤ 3.1.12014-09-25

CVE-2014-7169 [CRITICAL] CVE-2014-7169: GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definiti GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgi

nvd

CVE-2014-6271CRITICALCVSS 9.8KEVPoC≥ 2.1.0, ≤ 2.3.0≥ 3.0.0, ≤ 3.1.12014-09-24

CVE-2014-6271 [CRITICAL] CWE-78 CVE-2014-6271: GNU Bash through 4.3 processes trailing strings after function definitions in the values of environm GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts execute

nvd

CVE-2014-4027LOWCVSS 2.3≥ 3.0.0, ≤ 3.1.12014-06-23

CVE-2014-4027 [LOW] CWE-200 CVE-2014-4027: The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.1 The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.

nvd

CVE-2014-3959MEDIUMCVSS 4.3v3.0.0v3.1.12014-06-03

CVE-2014-3959 [MEDIUM] CWE-79 CVE-2014-3959: Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remot

nvd

CVE-2014-0196MEDIUMCVSS 5.5KEVPoCv3.1.0v3.1.12014-05-07

CVE-2014-0196 [MEDIUM] CWE-362 CVE-2014-0196: The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.

nvd

CVE-2012-1493HIGHCVSS 7.8PoCv1.0v2.0+3 more2012-07-09

CVE-2012-1493 [HIGH] CWE-255 CVE-2012-1493: F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier fo

nvd

CVE-2011-3188CRITICALCVSS 9.1≥ 2.1.0, ≤ 2.3.0v3.0.02012-05-24

CVE-2011-3188 [CRITICAL] CVE-2011-3188: The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorith The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

nvd

← Previous2 / 2