Known vulnerabilities in F5 Networks BIG-IP Next Central Manager

Known vulnerabilities in F5 Networks BIG-IP Next Central Manager

Vendor: F5 Networks

Website: https://f5.com/

Total Security Bulletins: 14

Security bulletins (14)

Secuity bulletin	Severity	Status	Published
SB2025041731: OpenSSH denial of service in BIG-IP Next	Medium	Not patched Public exploit	17.04.2025
SB2025020742: Inclusion of sensitive information into log files in BIG-IP Next Central Manager	Low	Patched	07.02.2025
SB2025020733: Denial of service in BIG-IP Next Central Manager API	Medium	Patched	07.02.2025
SB2025010301: F5 BIG-IP update for cURL	Low	Patched	03.01.2025
SB2024121646: F5 BIG-IP Next Central Manager update for Linux kernel	Low	Patched	16.12.2024
SB2024110835: OS command injection in F5 BIG-IP Next Central Manager OpenSSH component	Medium	Not patched Public exploit	08.11.2024
SB2024102827: BIG-IP Next Central Manager update for Python	Medium	Patched	28.10.2024
SB2024092445: Infinite loop in F5 BIG-IP Next Central Manager endpoints in API Gateway and Telemetry	Medium	Not patched	24.09.2024
SB2024081525: Inclusion of sensitive information into log files in F5 BIG-IP Next Central Manager	Low	Patched	15.08.2024
SB2024081523: Overly restrictive account lockout mechanism in F5 BIG-IP Next Central Manager webUI	Medium	Patched	15.08.2024
SB2024081519: Insufficient session expiration in F5 BIG-IP Next Central Manager	Medium	Patched	15.08.2024
SB2024080142: Speculative race condition in BIG-IP Next Central Manager	High	Not patched Exploited	01.08.2024
SB2024050927: MitM attack in F5 BIG-IP Next Central Manager	Medium	Patched	09.05.2024
SB2024050926: Multiple vulnerabilities in F5 BIG-IP Next Central Manager API	High	Patched Public exploit	09.05.2024