F5 Networks Big Ip Next Central Manager
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in F5 Networks Big Ip Next Central Manager.
By the Year
In 2026 there have been 0 vulnerabilities in F5 Networks Big Ip Next Central Manager. Last year, in 2025 Big Ip Next Central Manager had 1 security vulnerability published. Right now, Big Ip Next Central Manager is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 0.00 |
| 2024 | 7 | 6.97 |
It may take a day or so for new Big Ip Next Central Manager vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent F5 Networks Big Ip Next Central Manager Security Vulnerabilities
BIG-IP Next CM Local Auth Log Sensitive Data Exposure
CVE-2025-23413
- February 05, 2025
When users log in through the webUI or API using local authentication, BIG-IP Next Central Manager may log sensitive information in the pgaudit log files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Insertion of Sensitive Information into Log File
Central Manager: Session Token Not Expired on Logout
CVE-2024-39809
8.8 - High
- August 14, 2024
The Central Manager user session refresh token does not expire when a user logs out. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Insufficient Session Expiration
F5 BIG-IP CM QKView logs iHealth credentials
CVE-2024-41719
5.5 - Medium
- August 14, 2024
When generating QKView of BIG-IP Next instance from the BIG-IP Next Central Manager (CM), F5 iHealth credentials will be logged in the BIG-IP Central Manager logs. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Insertion of Sensitive Information into Log File
Auth bypass allows lockout of nonlogged accounts in BIG-IP Next Central Manager
CVE-2024-37028
5.3 - Medium
- August 14, 2024
BIG-IP Next Central Manager may allow an attacker to lock out an account that has never been logged in. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
authentification
BIGIP Next Central Manager Improper Cert Validation Enables Impersonation
CVE-2024-33612
6.8 - Medium
- May 08, 2024
An improper certificate validation vulnerability exists in BIG-IP Next Central Manager and may allow an attacker to impersonate an Instance Provider system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Improper Certificate Validation
Unauthenticated Remote Credential Leak in BIG-IP Next CM
CVE-2024-32049
7.4 - High
- May 08, 2024
BIG-IP Next Central Manager (CM) may allow an unauthenticated, remote attacker to obtain the BIG-IP Next LTM/WAF instance credentials. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
SQL Injection in BIG-IP Next CM API risk to DB leakage
CVE-2024-26026
7.5 - High
- May 08, 2024
An SQL injection vulnerability exists in the BIG-IP Next Central Manager API (URI). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
SQL Injection
BIG-IP Next Central Manager OData Injection (CVE-2024-21793)
CVE-2024-21793
7.5 - High
- May 08, 2024
An OData injection vulnerability exists in the BIG-IP Next Central Manager API (URI). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
SQL Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for F5 Networks Big Ip Next Central Manager or by F5 Networks? Click the Watch button to subscribe.
