F5 Networks Inc Big-Ip Afm vulnerabilities
4 known vulnerabilities affecting f5_networks_inc/big-ip_afm.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2018-15314MEDIUMCVSS 6.1v13.0.0-13.1.1.1v12.1.0-12.1.3.62018-10-19
CVE-2018-15314 [MEDIUM] CWE-79 CVE-2018-15314: On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a Reflected Cross Site Scripting vuln
On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a Reflected Cross Site Scripting vulnerability in undisclosed TMUI page.
nvd
CVE-2018-15313MEDIUMCVSS 6.1v13.0.0-13.1.1.1v12.1.0-12.1.3.62018-10-19
CVE-2018-15313 [MEDIUM] CWE-79 CVE-2018-15313: On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a Reflected Cross Site Scripting vuln
On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a Reflected Cross Site Scripting vulnerability in undisclosed TMUI page.
nvd
CVE-2017-6142MEDIUMCVSS 4.8v13.0.0v12.1.0 - 12.1.2+1 more2018-01-19
CVE-2017-6142 [MEDIUM] CWE-295 CVE-2017-6142: X509 certificate verification was not correctly implemented in the early access "user id" feature in
X509 certificate verification was not correctly implemented in the early access "user id" feature in the F5 BIG-IP Advanced Firewall Manager versions 13.0.0, 12.1.0-12.1.2, and 11.6.0-11.6.2, and thus did not properly validate the remote server's identity on certain versions of BIG-IP.
nvd
CVE-2017-0304MEDIUMCVSS 5.4v12.0.0, 12.1.0, 12.1.1, 12.1.2v13.0.02017-12-21
CVE-2017-0304 [MEDIUM] CWE-89 CVE-2017-0304: A SQL injection vulnerability exists in the BIG-IP AFM management UI on versions 12.0.0, 12.1.0, 12.
A SQL injection vulnerability exists in the BIG-IP AFM management UI on versions 12.0.0, 12.1.0, 12.1.1, 12.1.2 and 13.0.0 that may allow a copy of the firewall rules to be tampered with and impact the Configuration Utility until there is a resync of the rules. Traffic processing and the live firewall rules in use are not affected.
nvd