Known vulnerabilities in F5 Networks BIG-IP ASM 14.1.2.1.0.115.4-ENG Hotfix

Vendor: F5 Networks

Website: https://f5.com/

Total Security Bulletins: 40

Security bulletins (40)

Secuity bulletin	Severity	Status	Published
SB2023020310: Denial of service in BIG-IP Advanced WAF and ASM bd process	Medium	Patched	03.02.2023
SB2022110279: F5 BIG-IP and BIG-IQ Centralized Management update for libexpat	High	Patched	02.11.2022
SB2022011950: Arbitrary file upload in BIG-IP ASM and Advanced WAF REST API	Medium	Patched	19.01.2022
SB2022011948: XXE in IG-IP ASM and Advanced WAF TMUI	Low	Patched	19.01.2022
SB2021042915: Improper authorization in BIG-IP Advanced WAF and ASM REST API	Low	Patched	29.04.2021
SB2021042914: Denial of service when processing WebSocket requests in BIG-IP ASM and Advanced WAF	Medium	Patched	29.04.2021
SB2021031609: Remote authenticated command execution in BIG-IP Advanced WAF/ASM TMUI	Medium	Patched	16.03.2021
SB2021031608: Remote authenticated command execution in BIg-IP Appliance mode Advanced WAF/ASM TMUI	Medium	Patched	16.03.2021
SB2021031607: Remote authenticated command execution in BIG-IP TMUI	High	Patched	16.03.2021
SB2021031606: Remote authenticated command execution in BIG-IP Appliance mode TMUI	High	Patched	16.03.2021
SB2021031605: Remote code execution in BIG-IP Advanced WAF/ASM	High	Patched	16.03.2021
SB2021031604: Denial of service in BIG-IP MPTCP	Medium	Patched	16.03.2021
SB2021031202: Denial of service in glibc implementation in F5 BIG-IP and F5OS	Low	Not patched	12.03.2021
SB2021031201: Denial of service in Linux kernel ext3/ext4 file system in F5 BIG-IP	Low	Not patched	12.03.2021
SB2021031121: Cross-site scripting in BIG-IP iControl REST API	Medium	Patched	11.03.2021
SB2021031120: Buffer overflow in F5 BIG-IP TMM	High	Patched Exploited	11.03.2021
SB2021031119: Cross-site scripting in BIG-IP Advanced WAF and ASM	Medium	Patched	11.03.2021
SB2021031117: SYN flood denial of service in BIG-IP SNAT implementation	Medium	Patched	11.03.2021
SB2021031116: Denial of service in BIG-IP MPTCP	Medium	Patched	11.03.2021
SB2021031106: Denial of service in BIG-IP ASM iControl REST	Medium	Patched	11.03.2021
SB2021031104: Denial of srevice in HTTP/2 implementation in F5 BIG-IP	Medium	Patched	11.03.2021
SB2021030902: System tracking vulnerability in Linux kernel in F5 BIP-IP products	Medium	Not patched	09.03.2021
SB2021030501: Remote code execution in BIND in multiple F5 BIG-IP products	High	Not patched	05.03.2021
SB2021022421: Denial of service in Node.js component in multiple F5 BIG-IP products	Medium	Not patched	24.02.2021
SB2021021903: Information disclosure in curl implementation within Command Line Interface, EAV Monitors and iRules components in F5 BIG-IP products	Medium	Not patched	19.02.2021
SB2021021902: Improper certificate revocation in curl implementation within Command Line Interface, EAV Monitors and iRules components in F5 BIG-IP products	Medium	Not patched	19.02.2021
SB2021021117: Denial of service when processing WebSocket requests in BIG-IP Advanced WAF and ASM	Medium	Patched	11.02.2021
SB2021021113: Cross-site scripting in iControl REST in F5 BIG-IP	Low	Patched	11.02.2021
SB2021021111: Race condition in iControl REST component in F5 BIG-IP	Medium	Patched	11.02.2021
SB2021021108: Multiple vulnerabilities in BIG-IP TMM	Medium	Patched	11.02.2021
SB2021021107: Buffer overflow in iRules LX component in F5 BIG-IP products	Medium	Patched	11.02.2021
SB2021021105: Cross-site scripting in BIG-IP FPS	Medium	Patched	11.02.2021
SB2021020901: Local denial of service in Linux kernel in F5 BIG-IP products	Low	Not patched	09.02.2021
SB2020122316: Buffer overflow in cURL component in F5 Networks products	Medium	Patched	23.12.2020
SB2020121738: Denial of service in BIG-IP AVRD	Medium	Patched	17.12.2020
SB2020121736: Denial of service in F5 BIG-IP ASM and Advanced WAF	Medium	Patched	17.12.2020
SB2020121734: Information disclosure in F5 BIG-IP iAppsLX	Low	Patched	17.12.2020
SB2020060252: Authentication bypass in NTP component in F5 BIG-IP	Low	Not patched	02.06.2020
SB2019122802: Memory Exhaustion in F5 Networks BIG-IP ASM	Medium	Patched	28.12.2019

Showing elements 1 - 40 out of 58