F5 Vulnerabilities

Product

F5 BIG-IP: 446
F5 BIG-IP APM: 61
F5 BIG-IP ASM: 45
F5 BIG-IQ: 39
F5 BIG-IP Advanced WAF: 27

Remediation

Official Fix: 489
Temporary Fix: 0
Workaround: 10
Unavailable: 7
Not Defined: 231

Exploitability

High: 23
Functional: 0
Proof-of-Concept: 24
Unproven: 7
Not Defined: 683

Access Vector

Not Defined: 0
Physical: 2
Local: 56
Adjacent: 70
Network: 609

Authentication

Not Defined: 0
High: 57
Low: 256
None: 424

User Interaction

Not Defined: 0
Required: 110
None: 627

| Score | CVSSv3 Base | CVSSv3 Temp | VulDB | NVD | CNA | Vendor | Research |
|-------|-------------|-------------|-------|-----|-----|--------|----------|
| ≤1    | 0           | 0           | 0     | 0   | 0   | 0      | 0        |
| ≤2    | 0           | 0           | 1     | 0   | 0   | 0      | 0        |
| ≤3    | 6           | 11          | 25    | 0   | 0   | 0      | 0        |
| ≤4    | 65          | 67          | 127   | 5   | 4   | 0      | 0        |
| ≤5    | 144         | 150         | 142   | 37  | 22  | 0      | 0        |
| ≤6    | 174         | 180         | 219   | 84  | 29  | 0      | 0        |
| ≤7    | 175         | 172         | 61    | 50  | 16  | 0      | 0        |
| ≤8    | 134         | 122         | 129   | 171 | 78  | 0      | 0        |
| ≤9    | 26          | 24          | 21    | 26  | 11  | 0      | 0        |
| ≤10   | 13          | 11          | 12    | 28  | 3   | 0      | 0        |

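| Range | Exploit 0-day | Exploit Today |
|-------|---------------|---------------|
| <1k   | 3             | 473           |
| <2k   | 21            | 47            |
| <5k   | 163           | 129           |
| <10k  | 277           | 42            |
| <25k  | 264           | 46            |
| <50k  | 9             | 0             |
| <100k | 0             | 0             |
| ≥100k | 0             | 0             |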

Affected Products (75): 3-DNS Controller (2), APM (1), ARX Data Manager (1), ASM (8), Access (1), Advanced WAF (6), BIG-IP (446), BIG-IP AAM (1), BIG-IP AF (1), BIG-IP AFM (21), BIG-IP APM (61), BIG-IP APM AD (1), BIG-IP APM Client (9), BIG-IP APM Client Troubleshooting Utility (1), BIG-IP APM Clients (3), BIG-IP APM Edge Client (3), BIG-IP ASM (45), BIG-IP Access Policy Manager (3), BIG-IP Advanced WAF (27), BIG-IP Analytics (3), BIG-IP Application Acceleration Manager (1), BIG-IP Application Security Manager (1), BIG-IP CGNAT (1), BIG-IP Configuration utility (2), BIG-IP Controller for Kubernetes (1), BIG-IP DNS (7), BIG-IP DataSafe (1), BIG-IP Edge Client (11), BIG-IP FPS (2), BIG-IP GTM (3), BIG-IP Guided Configuration (4), BIG-IP LTM (3), BIG-IP LTM GSLB (1), BIG-IP Manager (1), BIG-IP Next (2), BIG-IP Next CNF (5), BIG-IP Next Central Manager (7), BIG-IP Next SPK (5), BIG-IP PEM (7), BIG-IP Virtual Edition (9), BIG-IP Virtual Server (5), BIG-IQ (39), BIG-IQ Centralized Management (9), BIG-IQ Cloud (2), BIG-IQ iControl (1), Big-IP Protocol Security Manager (1), Big-ip Protocol Security Module (1), Container Ingress Service (1), Edge Gateway (1), Enterprise Manager (16), F5OS (1), F5OS-A (6), F5OS-C (4), FirePass (16), FirePass 1000 (1), FirePass 1200 (1), FirePass 4100 (5), Firepass (1), Firepass 4100 (3), NGINX Agent (2), NGINX Ingress Controller (2), NGINX Instance Manager (2), NGINX Management Suite (2), NGINX Open Source (7), NGINX Plus (8), NGINX Service Mesh (1), Orchestration (1), Products (1), Rising (3), SSL Intercept iApp (2), SSL Orchestrator (3), Security (1), Traffix SDC (2), WebSafe Alert Server (3), iWorkflow (7)

Link to Vendor Website: https://f5.com/

| Published | Base | Temp | Vulnerability | Prod | Exploitability | Remediation | EPSS | CTI | CVE |
|-----------|------|------|---------------|------|----------------|-------------|------|-----|-----|
| 2024-08-22 | 3.8 | 3.7 | F5 NGINX Agent/NGINX Instance Manager config_dirs Restrictions directory traversal | Web Server | Not Defined | Official Fix | 0.00044 | 0.05 | CVE-2024-7634 |
| 2024-08-14 | 6.7 | 6.6 | F5 BIG-IP Next Central Manager Refresh Token weak authentication | Firewall Software | Not Defined | Official Fix | 0.00091 | 0.00 | CVE-2024-39809 |
| 2024-08-14 | 5.3 | 5.2 | F5 BIG-IP Next Central Manager denial of service | Firewall Software | Not Defined | Official Fix | 0.00046 | 0.00 | CVE-2024-37028 |
| 2024-08-14 | 4.7 | 4.7 | F5 NGINX Open Source/NGINX Plus ngx_http_mp4_module denial of service | Web Server | Not Defined | Not Defined | 0.00044 | 0.08 | CVE-2024-7347 |
| 2024-08-14 | 4.3 | 4.2 | F5 BIG-IP iControl REST information disclosure | Firewall Software | Not Defined | Official Fix | 0.00045 | 0.03 | CVE-2024-41723 |
| 2024-08-14 | 6.4 | 6.4 | F5 BIG-IP/BIG-IP Next CNF/BIG-IP Next SPK MPTCP denial of service | Firewall Software | Not Defined | Official Fix | 0.00046 | 0.03 | CVE-2024-41164 |
| 2024-08-14 | 6.8 | 6.7 | F5 BIG-IP Stateless Virtual Server denial of service | Firewall Software | Not Defined | Official Fix | 0.00046 | 0.04 | CVE-2024-39778 |
| 2024-08-14 | 7.5 | 7.4 | F5 BIG-IP denial of service | Firewall Software | Not Defined | Official Fix | 0.00046 | 0.03 | CVE-2024-41727 |
| 2024-08-14 | 7.5 | 7.5 | F5 NGINX Plus MQTT Pre-Read Module memory corruption | Web Server | Not Defined | Not Defined | 0.00046 | 0.03 | CVE-2024-39792 |
| 2024-08-14 | 4.0 | 4.0 | F5 BIG-IP Next Central Manager QKView information disclosure | Firewall Software | Not Defined | Official Fix | 0.00043 | 0.03 | CVE-2024-41719 |
| 2024-05-29 | 4.3 | 4.1 | F5 NGINX Plus/NGINX Open Source HTTP3 QUIC denial of service | Web Server | Not Defined | Official Fix | 0.00045 | 0.04 | CVE-2024-34161 |
| 2024-05-29 | 4.3 | 4.1 | F5 NGINX Plus/NGINX Open Source HTTP3 QUIC denial of service | Web Server | Not Defined | Official Fix | 0.00045 | 0.04 | CVE-2024-32760 |
| 2024-05-29 | 4.3 | 4.1 | F5 NGINX Plus/NGINX Open Source HTTP3 QUIC denial of service | Web Server | Not Defined | Official Fix | 0.00045 | 0.04 | CVE-2024-35200 |
| 2024-05-29 | 3.1 | 3.0 | F5 NGINX Plus/NGINX Open Source HTTP3 QUIC denial of service | Web Server | Not Defined | Official Fix | 0.00045 | 0.04 | CVE-2024-31079 |
| 2024-05-08 | 3.5 | 3.4 | F5 BIG-IP Next/BIG-IP | Firewall Software | Not Defined | Official Fix | 0.00043 | 0.07 | CVE-2024-33604 |
| 2024-05-08 | 3.1 | 3.0 | F5 BIG-IP Configuration utility cross-site scripting | Firewall Software | Not Defined | Official Fix | 0.00043 | 0.04 | CVE-2024-27202 |
| 2024-05-08 | 3.5 | 3.4 | F5 BIG-IP/BIG-IQ Configuration utility cross-site scripting | Firewall Software | Not Defined | Official Fix | 0.00043 | 0.00 | CVE-2024-31156 |
| 2024-05-08 | 3.7 | 3.6 | F5 BIG-IP Next Central Manager weak authentication | Firewall Software | Not Defined | Official Fix | 0.00043 | 0.00 | CVE-2024-33612 |
| 2024-05-08 | 2.3 | 2.2 | F5 BIG-IP Next CNF Global Server Load Balancing Container information disclosure | Firewall Software | Not Defined | Official Fix | 0.00043 | 0.00 | CVE-2024-28132 |
| 2024-05-08 | 5.9 | 5.7 | F5 BIG-IP Traffic Management Microkernel denial of service | Firewall Software | Not Defined | Official Fix | 0.00043 | 0.00 | CVE-2024-32761 |
| 2024-05-08 | 5.6 | 5.4 | F5 BIG-IP APM/BIG-IP APM Client VPN privilege escalation | Firewall Software | Not Defined | Official Fix | 0.00043 | 0.04 | CVE-2024-28883 |
| 2024-05-08 | 4.3 | 4.1 | F5 BIG-IP SSL Profile denial of service | Firewall Software | Not Defined | Official Fix | 0.00043 | 0.00 | CVE-2024-28889 |
| 2024-05-08 | 7.3 | 7.0 | F5 BIG-IP Next Central Manager API SQL injection | Firewall Software | Not Defined | Official Fix | 0.00043 | 0.03 | CVE-2024-21793 |
| 2024-05-08 | 7.3 | 7.0 | F5 BIG-IP Next Central Manager SQL injection | Firewall Software | Not Defined | Official Fix | 0.00043 | 0.03 | CVE-2024-26026 |
| 2024-05-08 | 3.7 | 3.6 | F5 BIG-IP Next Central Manager weak encryption | Firewall Software | Not Defined | Official Fix | 0.00043 | 0.00 | CVE-2024-32049 |

712 more entries are not shown
