Known vulnerabilities in F5 Networks BIG-IP 12.1.6

Vendor: F5 Networks

Website: https://f5.com/

Total Security Bulletins: 33

Security bulletins (33)

Secuity bulletin	Severity	Status	Published
SB20250227221: Session fixation in F5 BIG-IP Apache Tomcat component	Low	Not patched	27.02.2025
SB20250227207: HTTP request smuggling in F5 BIG-IP Apache Tomcat component	Medium	Not patched	27.02.2025
SB2022051005: Missing authentication in BIG-IP iControl REST API	High	Patched Exploited	10.05.2022
SB2022050520: Path traversal in BIG-IP iControl REST and tmsh	Low	Patched	05.05.2022
SB2022050518: Path traversal in F5 iControl SOAP	Low	Patched	05.05.2022
SB2022050516: Denial of service in BIG-IP TMM IPv6	Medium	Patched	05.05.2022
SB2022050513: Denial of service in BIG-IP big3d	Medium	Patched	05.05.2022
SB2022040401: Memory leak in BIG-IP Linux kernel	Low	Not patched	04.04.2022
SB2022032828: Denial of service in F5 BIG-IP control panel and TMM (OpenSSL component)	Medium	Not patched	28.03.2022
SB2022020720: Denial of service in F5 BIG-IP (Expat library)	Medium	Patched	07.02.2022
SB2022020716: Intege roverflow in F5 BIG-IP Perl	High	Patched	07.02.2022
SB2022012025: Denial of service in BIG-IP FastL4 profile	Medium	Patched	20.01.2022
SB2022012021: Incorrect Comparison in BIG-IP virtual server with FastL4 profile	Medium	Patched	20.01.2022
SB2022012006: Denial of service in BIG-IP iControl REST API	Low	Patched	20.01.2022
SB2022011949: Denial of service in BIG-IP MRF Diameter	Medium	Patched	19.01.2022
SB2021110822: Denial of service in F5 BIG-IP BIND	Medium	Not patched	08.11.2021
SB2021101552: F5 BIG-IP update for iAppsLX/iRulesLX	Medium	Patched	15.10.2021
SB2021101306: Denial of service in BIG-IP httpd component	Medium	Not patched	13.10.2021
SB2021100303: Information disclosure in OpenSSL component in BIG-IP	Medium	Not patched	03.10.2021
SB2021083011: Denial of service in F5 TMM GTP	Medium	Patched	30.08.2021
SB2021083009: Denial of service in F5 BIG-IP TMM	Medium	Patched	30.08.2021
SB2021083008: Path traversal in F5 BIG-IP TMUI	Medium	Not patched	30.08.2021
SB2021083007: Cross-site scripting in F5 BIG-IP TMUI	Low	Patched	30.08.2021
SB2021083006: Denial of service in F5 BIG-IP compression driver	Medium	Patched	30.08.2021
SB2021082711: OS Command Injection in F5 BIG-IP TMUI	Low	Patched	27.08.2021
SB2021082514: Stored cross-site scripting in F5 BIG-IP	Low	Patched	25.08.2021
SB2021082512: Denial of service in F5 BIG-IP products	Low	Patched	25.08.2021
SB2021080807: HTTP request smuggling in BIG-IP Apache Tomcat component	Medium	Not patched	08.08.2021
SB2021071534: F5 BIG-IP update for glibc	Medium	Patched	15.07.2021
SB2021060206: Infinite loop in python tarfile library in F5 BIG-IP products	Medium	Not patched	02.06.2021
SB2021051902: Denial of service in F5 BIG-IP BIND	Medium	Not patched	19.05.2021
SB2021051901: Denial of service in F5 BIG-IP BIND	Low	Not patched	19.05.2021
SB2020120234: Privilege escalation in F5 BIG-IP Intel CPU firmware	Low	Not patched	02.12.2020