F5 Networks Big Ip
Known Exploited F5 Networks Big Ip Vulnerabilities
The following F5 Networks Big Ip vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
| Title | Description | Added |
|---|---|---|
| F5 BIG-IP Missing Authentication Vulnerability | F5 BIG-IP contains a missing authentication in critical function vulnerability which can allow for remote code execution, creation or deletion of files, or disabling services. CVE-2022-1388 | May 10, 2022 |
| F5 BIG-IP Traffic Management User Interface Remote Code Execution Vulnerability | In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. CVE-2020-5902 | November 3, 2021 |
| F5 iControl REST unauthenticated Remote Code Execution Vulnerability | The iControl REST interface has an unauthenticated remote command execution vulnerability. CVE-2021-22986 | November 3, 2021 |
By the Year
In 2024 there have been 0 vulnerabilities in F5 Networks Big Ip . Big Ip did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Big Ip vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent F5 Networks Big Ip Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in the tree view (pl_tree.php) feature in Application Security Manager (ASM) in F5 BIG-IP 11.3.0
CVE-2014-9342
- December 08, 2014
Cross-site scripting (XSS) vulnerability in the tree view (pl_tree.php) feature in Application Security Manager (ASM) in F5 BIG-IP 11.3.0 allows remote attackers to inject arbitrary web script or HTML by accessing a crafted URL during automatic policy generation.
XSS
Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module
CVE-2007-6258
- February 19, 2008
Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header.
Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Apache Mod Jk or by F5 Networks? Click the Watch button to subscribe.
