Known vulnerabilities in F5 Networks BIG-IP ASM

Vendor: F5 Networks

Website: https://f5.com/

Total Security Bulletins: 123

Security bulletins (123)

Secuity bulletin	Severity	Status	Published
SB2025020738: Denial of service in BIG-IP ASM BADoS	Medium	Patched	07.02.2025
SB2023020310: Denial of service in BIG-IP Advanced WAF and ASM bd process	Medium	Patched	03.02.2023
SB2022110279: F5 BIG-IP and BIG-IQ Centralized Management update for libexpat	High	Patched	02.11.2022
SB2022011950: Arbitrary file upload in BIG-IP ASM and Advanced WAF REST API	Medium	Patched	19.01.2022
SB2022011948: XXE in IG-IP ASM and Advanced WAF TMUI	Low	Patched	19.01.2022
SB2021082612: Privilege escalation in F5 BIG-IP Advanced WAF and BIG-IP ASM	Medium	Patched	26.08.2021
SB2021082512: Denial of service in F5 BIG-IP products	Low	Patched	25.08.2021
SB2021042921: Sessoin expiration failure in BIG-IP Advanced WAF and ASM	Low	Patched	29.04.2021
SB2021042917: Denial of service in BIG-IP TMM	Medium	Patched	29.04.2021
SB2021042915: Improper authorization in BIG-IP Advanced WAF and ASM REST API	Low	Patched	29.04.2021
SB2021042914: Denial of service when processing WebSocket requests in BIG-IP ASM and Advanced WAF	Medium	Patched	29.04.2021
SB2021031609: Remote authenticated command execution in BIG-IP Advanced WAF/ASM TMUI	Medium	Patched	16.03.2021
SB2021031608: Remote authenticated command execution in BIg-IP Appliance mode Advanced WAF/ASM TMUI	Medium	Patched	16.03.2021
SB2021031607: Remote authenticated command execution in BIG-IP TMUI	High	Patched	16.03.2021
SB2021031606: Remote authenticated command execution in BIG-IP Appliance mode TMUI	High	Patched	16.03.2021
SB2021031605: Remote code execution in BIG-IP Advanced WAF/ASM	High	Patched	16.03.2021
SB2021031604: Denial of service in BIG-IP MPTCP	Medium	Patched	16.03.2021
SB2021031603: Denial of service in BIG-IP TMM	Medium	Patched	16.03.2021
SB2021031202: Denial of service in glibc implementation in F5 BIG-IP and F5OS	Low	Not patched	12.03.2021
SB2021031201: Denial of service in Linux kernel ext3/ext4 file system in F5 BIG-IP	Low	Not patched	12.03.2021
SB2021031122: Denial of service in BIG-IP glibc implementation	Medium	Not patched	11.03.2021
SB2021031121: Cross-site scripting in BIG-IP iControl REST API	Medium	Patched	11.03.2021
SB2021031120: Buffer overflow in F5 BIG-IP TMM	High	Patched Exploited	11.03.2021
SB2021031119: Cross-site scripting in BIG-IP Advanced WAF and ASM	Medium	Patched	11.03.2021
SB2021031117: SYN flood denial of service in BIG-IP SNAT implementation	Medium	Patched	11.03.2021
SB2021031116: Denial of service in BIG-IP MPTCP	Medium	Patched	11.03.2021
SB2021031106: Denial of service in BIG-IP ASM iControl REST	Medium	Patched	11.03.2021
SB2021031104: Denial of srevice in HTTP/2 implementation in F5 BIG-IP	Medium	Patched	11.03.2021
SB2021031102: Remote code execution in iControl REST API in multiple F5 BIG-IP products	High	Patched Exploited	11.03.2021
SB2021030902: System tracking vulnerability in Linux kernel in F5 BIP-IP products	Medium	Not patched	09.03.2021
SB2021030501: Remote code execution in BIND in multiple F5 BIG-IP products	High	Not patched	05.03.2021
SB2021022421: Denial of service in Node.js component in multiple F5 BIG-IP products	Medium	Not patched	24.02.2021
SB2021021905: Denial of service in curl implementation for Command Line Interface, EAV Monitors, iRules components in F5 BIG-IP products	Low	Not patched	19.02.2021
SB2021021903: Information disclosure in curl implementation within Command Line Interface, EAV Monitors and iRules components in F5 BIG-IP products	Medium	Not patched	19.02.2021
SB2021021902: Improper certificate revocation in curl implementation within Command Line Interface, EAV Monitors and iRules components in F5 BIG-IP products	Medium	Not patched	19.02.2021
SB2021021113: Cross-site scripting in iControl REST in F5 BIG-IP	Low	Patched	11.02.2021
SB2021021111: Race condition in iControl REST component in F5 BIG-IP	Medium	Patched	11.02.2021
SB2021021108: Multiple vulnerabilities in BIG-IP TMM	Medium	Patched	11.02.2021
SB2021021107: Buffer overflow in iRules LX component in F5 BIG-IP products	Medium	Patched	11.02.2021

Showing elements 1 - 40 out of 123