F5 Schwachstellen

Zeitverlauf

Typ

Firewall Software	644
Not Defined	71
Web Server	16
Policy Management Software	3
Android App Software	1

Produkt

F5 BIG-IP	446
F5 BIG-IP APM	61
F5 BIG-IP ASM	45
F5 BIG-IQ	39
F5 BIG-IP Advanced WAF	27

Massnahmen

Official Fix	489
Temporary Fix	0
Workaround	10
Unavailable	7
Not Defined	231

Ausnutzbarkeit

High	23
Functional	0
Proof-of-Concept	24
Unproven	7
Not Defined	683

Zugriffsart

Not Defined	0
Physical	2
Local	56
Adjacent	70
Network	609

Authentisierung

Not Defined	0
High	57
Low	256
None	424

Benutzeraktivität

Not Defined	0
Required	110
None	627

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	6
≤4	65
≤5	144
≤6	174
≤7	175
≤8	134
≤9	26
≤10	13

CVSSv3 Temp

≤1	0
≤2	0
≤3	11
≤4	67
≤5	150
≤6	180
≤7	172
≤8	122
≤9	24
≤10	11

VulDB

≤1	0
≤2	1
≤3	25
≤4	127
≤5	142
≤6	219
≤7	61
≤8	129
≤9	21
≤10	12

NVD

≤1	0
≤2	0
≤3	0
≤4	5
≤5	37
≤6	84
≤7	50
≤8	171
≤9	26
≤10	28

CNA

≤1	0
≤2	0
≤3	0
≤4	4
≤5	22
≤6	29
≤7	16
≤8	78
≤9	11
≤10	3

Hersteller

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	3
<2k	21
<5k	163
<10k	277
<25k	264
<50k	9
<100k	0
≥100k	0

Exploit heute

<1k	473
<2k	47
<5k	129
<10k	42
<25k	46
<50k	0
<100k	0
≥100k	0

Exploitmarktvolumen

🔴 CTI Aktivitäten

Affected Products (75): 3-DNS Controller (2), APM (1), ARX Data Manager (1), ASM (8), Access (1), Advanced WAF (6), BIG-IP (446), BIG-IP AAM (1), BIG-IP AF (1), BIG-IP AFM (21), BIG-IP APM (61), BIG-IP APM AD (1), BIG-IP APM Client (9), BIG-IP APM Client Troubleshooting Utility (1), BIG-IP APM Clients (3), BIG-IP APM Edge Client (3), BIG-IP ASM (45), BIG-IP Access Policy Manager (3), BIG-IP Advanced WAF (27), BIG-IP Analytics (3), BIG-IP Application Acceleration Manager (1), BIG-IP Application Security Manager (1), BIG-IP CGNAT (1), BIG-IP Configuration utility (2), BIG-IP Controller for Kubernetes (1), BIG-IP DNS (7), BIG-IP DataSafe (1), BIG-IP Edge Client (11), BIG-IP FPS (2), BIG-IP GTM (3), BIG-IP Guided Configuration (4), BIG-IP LTM (3), BIG-IP LTM GSLB (1), BIG-IP Manager (1), BIG-IP Next (2), BIG-IP Next CNF (5), BIG-IP Next Central Manager (7), BIG-IP Next SPK (5), BIG-IP PEM (7), BIG-IP Virtual Edition (9), BIG-IP Virtual Server (5), BIG-IQ (39), BIG-IQ Centralized Management (9), BIG-IQ Cloud (2), BIG-IQ iControl (1), Big-IP Protocol Security Manager (1), Big-ip Protocol Security Module (1), Container Ingress Service (1), Edge Gateway (1), Enterprise Manager (16), F5OS (1), F5OS-A (6), F5OS-C (4), FirePass (16), FirePass 1000 (1), FirePass 1200 (1), FirePass 4100 (5), Firepass (1), Firepass 4100 (3), NGINX Agent (2), NGINX Ingress Controller (2), NGINX Instance Manager (2), NGINX Management Suite (2), NGINX Open Source (7), NGINX Plus (8), NGINX Service Mesh (1), Orchestration (1), Products (1), Rising (3), SSL Intercept iApp (2), SSL Orchestrator (3), Security (1), Traffix SDC (2), WebSafe Alert Server (3), iWorkflow (7)

Link to Vendor Website: https://f5.com/

Veröffentlicht	Base	Temp	Schwachstelle	Prod	Aus	Mas	EPSS	CTI	CVE
22.08.2024	3.8	3.7	F5 NGINX Agent/NGINX Instance Manager config_dirs Restrictions Directory Traversal	Web Server	Not Defined	Official Fix	0.00044	0.05	CVE-2024-7634
14.08.2024	6.7	6.6	F5 BIG-IP Next Central Manager Refresh Token schwache Authentisierung	Firewall Software	Not Defined	Official Fix	0.00091	0.00	CVE-2024-39809
14.08.2024	5.3	5.2	F5 BIG-IP Next Central Manager Denial of Service	Firewall Software	Not Defined	Official Fix	0.00046	0.00	CVE-2024-37028
14.08.2024	4.7	4.7	F5 NGINX Open Source/NGINX Plus ngx_http_mp4_module Denial of Service	Web Server	Not Defined	Not Defined	0.00044	0.08	CVE-2024-7347
14.08.2024	4.3	4.2	F5 BIG-IP iControl REST Information Disclosure	Firewall Software	Not Defined	Official Fix	0.00045	0.03	CVE-2024-41723
14.08.2024	6.4	6.4	F5 BIG-IP/BIG-IP Next CNF/BIG-IP Next SPK MPTCP Denial of Service	Firewall Software	Not Defined	Official Fix	0.00046	0.03	CVE-2024-41164
14.08.2024	6.8	6.7	F5 BIG-IP Stateless Virtual Server Denial of Service	Firewall Software	Not Defined	Official Fix	0.00046	0.04	CVE-2024-39778
14.08.2024	7.5	7.4	F5 BIG-IP Denial of Service	Firewall Software	Not Defined	Official Fix	0.00046	0.03	CVE-2024-41727
14.08.2024	7.5	7.5	F5 NGINX Plus MQTT Pre-Read Module Pufferüberlauf	Web Server	Not Defined	Not Defined	0.00046	0.03	CVE-2024-39792
14.08.2024	4.0	4.0	F5 BIG-IP Next Central Manager QKView Information Disclosure	Firewall Software	Not Defined	Official Fix	0.00043	0.03	CVE-2024-41719
29.05.2024	4.3	4.1	F5 NGINX Plus/NGINX Open Source HTTP3 QUIC Denial of Service	Web Server	Not Defined	Official Fix	0.00045	0.04	CVE-2024-34161
29.05.2024	4.3	4.1	F5 NGINX Plus/NGINX Open Source HTTP3 QUIC Denial of Service	Web Server	Not Defined	Official Fix	0.00045	0.04	CVE-2024-32760
29.05.2024	4.3	4.1	F5 NGINX Plus/NGINX Open Source HTTP3 QUIC Denial of Service	Web Server	Not Defined	Official Fix	0.00045	0.04	CVE-2024-35200
29.05.2024	3.1	3.0	F5 NGINX Plus/NGINX Open Source HTTP3 QUIC Denial of Service	Web Server	Not Defined	Official Fix	0.00045	0.04	CVE-2024-31079
08.05.2024	3.5	3.4	F5 BIG-IP Next/BIG-IP	Firewall Software	Not Defined	Official Fix	0.00043	0.07	CVE-2024-33604
08.05.2024	3.1	3.0	F5 BIG-IP Configuration utility Cross Site Scripting	Firewall Software	Not Defined	Official Fix	0.00043	0.04	CVE-2024-27202
08.05.2024	3.5	3.4	F5 BIG-IP/BIG-IQ Configuration utility Cross Site Scripting	Firewall Software	Not Defined	Official Fix	0.00043	0.00	CVE-2024-31156
08.05.2024	3.7	3.6	F5 BIG-IP Next Central Manager schwache Authentisierung	Firewall Software	Not Defined	Official Fix	0.00043	0.00	CVE-2024-33612
08.05.2024	2.3	2.2	F5 BIG-IP Next CNF Global Server Load Balancing Container Information Disclosure	Firewall Software	Not Defined	Official Fix	0.00043	0.00	CVE-2024-28132
08.05.2024	5.9	5.7	F5 BIG-IP Traffic Management Microkernel Denial of Service	Firewall Software	Not Defined	Official Fix	0.00043	0.00	CVE-2024-32761
08.05.2024	5.6	5.4	F5 BIG-IP APM/BIG-IP APM Client VPN erweiterte Rechte	Firewall Software	Not Defined	Official Fix	0.00043	0.04	CVE-2024-28883
08.05.2024	4.3	4.1	F5 BIG-IP SSL Profile Denial of Service	Firewall Software	Not Defined	Official Fix	0.00043	0.00	CVE-2024-28889
08.05.2024	7.3	7.0	F5 BIG-IP Next Central Manager API SQL Injection	Firewall Software	Not Defined	Official Fix	0.00043	0.03	CVE-2024-21793
08.05.2024	7.3	7.0	F5 BIG-IP Next Central Manager SQL Injection	Firewall Software	Not Defined	Official Fix	0.00043	0.03	CVE-2024-26026
08.05.2024	3.7	3.6	F5 BIG-IP Next Central Manager schwache Verschlüsselung	Firewall Software	Not Defined	Official Fix	0.00043	0.00	CVE-2024-32049

712 weitere Einträge werden nicht mehr angezeigt

🔒 Login Required

You need to signup and login to see more of the remaining 712 results.

◂ ZurückÜbersichtWeiter ▸

Do you need the next level of professionalism?

Upgrade your account now!