Vulnerabilities > F5 > BIG IP Advanced Firewall Manager > High

DATE CVE VULNERABILITY TITLE RISK
2019-10-03 CVE-2018-14468 Out-of-bounds Read vulnerability in multiple products
The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().
7.5
2019-09-04 CVE-2019-6646 Unspecified vulnerability in F5 products
On BIG-IP 11.5.2-11.6.4 and Enterprise Manager 3.1.1, REST users with guest privileges may be able to escalate their privileges and run commands with admin privileges.
network
low complexity
f5
8.8
2019-09-04 CVE-2019-6643 Unspecified vulnerability in F5 products
On versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1.4.1, and 11.5.2-11.6.4, an attacker sending specifically crafted DHCPv6 requests through a BIG-IP virtual server configured with a DHCPv6 profile may be able to cause the TMM process to produce a core file.
network
low complexity
f5
7.5
2019-09-04 CVE-2019-6645 Unspecified vulnerability in F5 products
On BIG-IP 14.0.0-14.1.0.5, 13.0.0-13.1.2, 12.1.0-12.1.4.1, 11.5.2-11.6.4, FTP traffic passing through a Virtual Server with both an active FTP profile associated and connection mirroring configured may lead to a TMM crash causing the configured HA action to be taken.
network
low complexity
f5
7.5
2019-07-03 CVE-2019-6636 Cross-site Scripting vulnerability in F5 Big-Ip Advanced Firewall Manager
On BIG-IP (AFM, ASM) 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, and 11.5.1-11.6.4, a stored cross-site scripting vulnerability in AFM feed list.
network
low complexity
f5 CWE-79
8.4
2019-07-03 CVE-2019-6631 Unspecified vulnerability in F5 products
On BIG-IP 11.5.1-11.6.4, iRules performing HTTP header manipulation may cause an interruption to service when processing traffic handled by a Virtual Server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs.
network
low complexity
f5
7.5
2019-07-03 CVE-2019-6629 Unspecified vulnerability in F5 products
On BIG-IP 14.1.0-14.1.0.5, undisclosed SSL traffic to a virtual server configured with a Client SSL profile may cause TMM to fail and restart.
network
low complexity
f5
7.5
2019-07-02 CVE-2019-6623 Unspecified vulnerability in F5 products
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, undisclosed traffic sent to BIG-IP iSession virtual server may cause the Traffic Management Microkernel (TMM) to restart, resulting in a Denial-of-Service (DoS).
network
low complexity
f5
7.5
2019-07-02 CVE-2019-6624 Unspecified vulnerability in F5 products
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, an undisclosed traffic pattern sent to a BIG-IP UDP virtual server may lead to a denial-of-service (DoS).
network
low complexity
f5
7.5
2019-07-02 CVE-2019-6622 Command Injection vulnerability in F5 products
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, and 11.5.1-11.6.4, an undisclosed iControl REST worker is vulnerable to command injection by an administrator or resource administrator user.
network
low complexity
f5 CWE-77
7.2