cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-41806,https://securityvulnerability.io/vulnerability/CVE-2022-41806,BIG-IP AFM NAT64 Policy Vulnerability CVE-2022-41806,"In versions 16.1.x before 16.1.3.2 and 15.1.x before 15.1.5.1, when BIG-IP AFM Network Address Translation policy with IPv6/IPv4 translation rules is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization.",F5,Big-ip Afm,7.5,HIGH,0.0008900000248104334,false,false,false,false,,false,false,2022-10-19T00:00:00.000Z,0
CVE-2022-41813,https://securityvulnerability.io/vulnerability/CVE-2022-41813,"BIG-IP PEM and AFM TMUI, TMSH and iControl vulnerability CVE-2022-41813","In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when BIG-IP is provisioned with PEM or AFM module, an undisclosed input can cause Traffic Management Microkernel (TMM) to terminate.",F5,Big-ip Afm & Pem,6.5,MEDIUM,0.001069999998435378,false,false,false,false,,false,false,2022-10-19T00:00:00.000Z,0
CVE-2022-28695,https://securityvulnerability.io/vulnerability/CVE-2022-28695,,"On F5 BIG-IP AFM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, an authenticated attacker with high privileges can upload a maliciously crafted file to the BIG-IP AFM Configuration utility, which allows an attacker to run arbitrary commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated",F5,Big-ip Afm,7.2,HIGH,0.001339999958872795,false,false,false,false,,false,false,2022-05-05T17:15:00.000Z,0
CVE-2022-23028,https://securityvulnerability.io/vulnerability/CVE-2022-23028,,"On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all versions of 13.1.x, when global AFM SYN cookie protection (TCP Half Open flood vector) is activated in the AFM Device Dos or DOS profile, certain types of TCP connections will fail. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",F5,Big-ip Afm,5.3,MEDIUM,0.0009200000204145908,false,false,false,false,,false,false,2022-01-25T19:11:35.000Z,0
CVE-2022-23024,https://securityvulnerability.io/vulnerability/CVE-2022-23024,,"On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.2, and all versions of 13.1.x, when the IPsec application layer gateway (ALG) logging profile is configured on an IPsec ALG virtual server, undisclosed IPsec traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",F5,Big-ip Afm,7.5,HIGH,0.0010300000431016088,false,false,false,false,,false,false,2022-01-25T19:11:28.000Z,0
CVE-2022-23018,https://securityvulnerability.io/vulnerability/CVE-2022-23018,,"On BIG-IP AFM version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and 13.1.x beginning in 13.1.3.4, when a virtual server is configured with both HTTP protocol security and HTTP Proxy Connect profiles, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",F5,Big-ip Afm,7.5,HIGH,0.0010300000431016088,false,false,false,false,,false,false,2022-01-25T19:11:25.000Z,0
CVE-2021-23040,https://securityvulnerability.io/vulnerability/CVE-2021-23040,,"On BIG-IP AFM version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x, a SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This issue is exposed only when BIG-IP AFM is provisioned. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",F5,Big-ip Afm,8.8,HIGH,0.0008699999889358878,false,false,false,false,,false,false,2021-09-14T14:42:51.000Z,0
CVE-2021-22983,https://securityvulnerability.io/vulnerability/CVE-2021-22983,,"On BIG-IP AFM version 15.1.x before 15.1.1, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.5, authenticated users accessing the Configuration utility for AFM are vulnerable to a cross-site scripting attack if they attempt to access a maliciously-crafted URL. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.",F5,Big-ip Afm,5.4,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2021-02-12T17:57:08.000Z,0
CVE-2020-27714,https://securityvulnerability.io/vulnerability/CVE-2020-27714,,"On the BIG-IP AFM version 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.5, when a Protocol Inspection Profile is attached to a FastL4 virtual server with the protocol field configured to either Other or All Protocols, the TMM may experience a restart if the profile processes non-TCP traffic.",F5,Big-ip Afm,7.5,HIGH,0.0010300000431016088,false,false,false,false,,false,false,2020-12-24T15:10:43.000Z,0
CVE-2020-5935,https://securityvulnerability.io/vulnerability/CVE-2020-5935,,"On BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when handling MQTT traffic through a BIG-IP virtual server associated with an MQTT profile and an iRule performing manipulations on that traffic, TMM may produce a core file.",F5,"Big-ip (ltm, Aam, Afm, Analytics, Apm, Asm, Dns, Fps, Gtm, Link Controller, Pem)",5.9,MEDIUM,0.0010300000431016088,false,false,false,false,,false,false,2020-10-29T15:07:59.000Z,0
CVE-2020-5937,https://securityvulnerability.io/vulnerability/CVE-2020-5937,,"On BIG-IP AFM 15.1.0-15.1.0.5, the Traffic Management Microkernel (TMM) may produce a core file while processing layer 4 (L4) behavioral denial-of-service (DoS) traffic.",F5,Big-ip Afm,7.5,HIGH,0.0010300000431016088,false,false,false,false,,false,false,2020-10-29T13:32:15.000Z,0
CVE-2020-5920,https://securityvulnerability.io/vulnerability/CVE-2020-5920,,"In versions 15.0.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, a vulnerability in the BIG-IP AFM Configuration utility may allow any authenticated BIG-IP user to perform a read-only blind SQL injection attack.",F5,Big-ip Afm,4.3,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2020-08-26T14:50:34.000Z,0
CVE-2019-6672,https://securityvulnerability.io/vulnerability/CVE-2019-6672,,"On BIG-IP AFM 15.0.0-15.0.1, 14.0.0-14.1.2, and 13.1.0-13.1.3.1, when bad-actor detection is configured on a wildcard virtual server on platforms with hardware-based sPVA, the performance of the BIG-IP AFM system is degraded.",F5,Big-ip Afm,7.5,HIGH,0.0010300000431016088,false,false,false,false,,false,false,2019-11-27T21:38:16.000Z,0
CVE-2019-6658,https://securityvulnerability.io/vulnerability/CVE-2019-6658,,"On BIG-IP AFM 15.0.0-15.0.1, 14.0.0-14.1.2, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a vulnerability in the AFM configuration utility may allow any authenticated BIG-IP user to run an SQL injection attack.",F5,Big-ip (afm),4.3,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2019-11-01T14:59:18.000Z,0
CVE-2019-6657,https://securityvulnerability.io/vulnerability/CVE-2019-6657,,"On BIG-IP 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the BIG-IP Configuration utility.",F5,"Big-ip (ltm, Aam, Afm, Analytics, Apm, Asm, Dns, Edge Gateway, Fps, Gtm, Link Controller, Pem, Webaccelerator)",6.1,MEDIUM,0.0007800000021234155,false,false,false,false,,false,false,2019-11-01T14:53:06.000Z,0
CVE-2019-6655,https://securityvulnerability.io/vulnerability/CVE-2019-6655,,"On versions 13.0.0-13.1.0.1, 12.1.0-12.1.4.1, 11.6.1-11.6.4, and 11.5.1-11.5.9, BIG-IP platforms where AVR, ASM, APM, PEM, AFM, and/or AAM is provisioned may leak sensitive data.",F5,"Big-ip Avr, Asm, Apm, Pem, Afm, And/or Aam",5.3,MEDIUM,0.0008999999845400453,false,false,false,false,,false,false,2019-09-25T19:00:43.000Z,0
CVE-2019-6639,https://securityvulnerability.io/vulnerability/CVE-2019-6639,,"On BIG-IP (AFM, PEM) 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, an undisclosed TMUI pages for AFM and PEM Subscriber management are vulnerable to a stored cross-site scripting (XSS) issue. This is a control plane issue only and is not accessible from the data plane. The attack requires a malicious resource administrator to store the XSS.",F5,"Big-ip (afm, Pem)",4.8,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2019-07-03T18:26:41.000Z,0
CVE-2019-6636,https://securityvulnerability.io/vulnerability/CVE-2019-6636,,"On BIG-IP (AFM, ASM) 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, and 11.5.1-11.6.4, a stored cross-site scripting vulnerability in AFM feed list. In the worst case, an attacker can store a CSRF which results in code execution as the admin user. The level of user role which can perform this attack are resource administrator and administrator.",F5,"Big-ip (afm, Asm)",8.4,HIGH,0.001930000027641654,false,false,false,false,,false,false,2019-07-03T18:17:07.000Z,0
CVE-2019-6626,https://securityvulnerability.io/vulnerability/CVE-2019-6626,,"On BIG-IP (AFM, Analytics, ASM) 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, and 11.5.1-11.6.3.4, A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the Configuration utility.",F5,"Big-ip (afm, Analytics, Asm)",6.1,MEDIUM,0.0007800000021234155,false,false,false,false,,false,false,2019-07-03T17:34:06.000Z,0
CVE-2019-6619,https://securityvulnerability.io/vulnerability/CVE-2019-6619,,"On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, the Traffic Management Microkernel (TMM) may restart when a virtual server has an HTTP/2 profile with Application Layer Protocol Negotiation (ALPN) enabled and it processes traffic where the ALPN extension size is zero.",F5,"Big-ip (ltm, Aam, Afm, Apm, Asm, Link Controller, Pem, Webaccelerator)",7.5,HIGH,0.000859999970998615,false,false,false,false,,false,false,2019-05-03T19:35:37.000Z,0
CVE-2019-6618,https://securityvulnerability.io/vulnerability/CVE-2019-6618,,"On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, users with the Resource Administrator role can modify sensitive portions of the filesystem if provided Advanced Shell Access, such as editing /etc/passwd. This allows modifications to user objects and is contrary to our definition for the Resource Administrator (RA) role restrictions.",F5,"Big-ip (ltm, Aam, Afm, Analytics, Apm, Asm, Dns, Edge Gateway, Fps, Gtm, Link Controller, Pem, Webaccelerator)",4.9,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2019-05-03T19:28:54.000Z,0
CVE-2019-6617,https://securityvulnerability.io/vulnerability/CVE-2019-6617,,"On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, a user with the Resource Administrator role is able to overwrite sensitive low-level files (such as /etc/passwd) using SFTP to modify user permissions, without Advanced Shell access. This is contrary to our definition for the Resource Administrator (RA) role restrictions.",F5,"Big-ip (ltm, Aam, Afm, Analytics, Apm, Asm, Dns, Edge Gateway, Fps, Gtm, Link Controller, Pem, Webaccelerator)",6.5,MEDIUM,0.001180000021122396,false,false,false,false,,false,false,2019-05-03T19:16:02.000Z,0
CVE-2019-6616,https://securityvulnerability.io/vulnerability/CVE-2019-6616,,"On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, administrative users with TMSH access can overwrite critical system files on BIG-IP which can result in bypass of whitelist / blacklist restrictions enforced by appliance mode.",F5,"Big-ip (ltm, Aam, Afm, Analytics, Apm, Asm, Dns, Edge Gateway, Fps, Gtm, Link Controller, Pem, Webaccelerator)",7.2,HIGH,0.00171999994199723,false,false,false,false,,false,false,2019-05-03T19:12:57.000Z,0
CVE-2019-6614,https://securityvulnerability.io/vulnerability/CVE-2019-6614,,"On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, internal methods used to prevent arbitrary file overwrites in Appliance Mode were not fully effective. An authenticated attacker with a high privilege level may be able to bypass protections implemented in appliance mode to overwrite arbitrary system files.",F5,"Big-ip (ltm, Aam, Afm, Analytics, Apm, Asm, Dns, Edge Gateway, Fps, Gtm, Link Controller, Pem, Webaccelerator)",6.5,MEDIUM,0.0007200000109151006,false,false,false,false,,false,false,2019-05-03T19:09:12.000Z,0
CVE-2019-6615,https://securityvulnerability.io/vulnerability/CVE-2019-6615,,"On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, Administrator and Resource Administrator roles might exploit TMSH access to bypass Appliance Mode restrictions on BIG-IP systems.",F5,"Big-ip (ltm, Aam, Afm, Analytics, Apm, Asm, Dns, Edge Gateway, Gtm, Link Controller, Pem, Webaccelerator, Websafe)",4.9,MEDIUM,0.0005499999970197678,false,false,false,false,,false,false,2019-05-03T19:05:20.000Z,0