F5 الثغرات

التسلسل الزمني

النوع

منتج

F5 BIG-IP436
F5 BIG-IP APM60
F5 BIG-IP ASM45
F5 BIG-IQ38
F5 BIG-IP Advanced WAF27

معالجة

Official Fix464
Temporary Fix0
Workaround10
Unavailable7
Not Defined229

قابلية الاستغلال

High18
Functional0
Proof-of-Concept25
Unproven7
Not Defined660

متجه الوصول

Not Defined0
Physical2
Local53
Adjacent70
Network585

توثيق

Not Defined0
High54
Low252
None404

تفاعل المستخدم

Not Defined0
Required102
None608

C3BM Index

CVSSv3 Base

≤10
≤20
≤35
≤457
≤5138
≤6169
≤7172
≤8130
≤926
≤1013

CVSSv3 Temp

≤10
≤20
≤38
≤461
≤5144
≤6175
≤7167
≤8120
≤924
≤1011

VulDB

≤10
≤21
≤322
≤4120
≤5136
≤6212
≤761
≤8125
≤921
≤1012

NVD

≤10
≤20
≤30
≤45
≤535
≤682
≤750
≤8166
≤925
≤1028

CNA

≤10
≤20
≤30
≤44
≤518
≤627
≤716
≤874
≤911
≤103

المجهز

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

إكسبلويت ذات هجوم فوري

<1k2
<2k19
<5k155
<10k273
<25k251
<50k10
<100k0
≥100k0

إكسبلويت اليوم

<1k434
<2k62
<5k103
<10k89
<25k22
<50k0
<100k0
≥100k0

حجم سوق الإكسبلويت

🔴 CTI النشاطات

Affected Products (74): 3-DNS Controller (2), APM (1), ARX Data Manager (1), ASM (8), Access (1), Advanced WAF (6), BIG-IP (436), BIG-IP AAM (1), BIG-IP AF (1), BIG-IP AFM (20), BIG-IP APM (60), BIG-IP APM AD (1), BIG-IP APM Client (8), BIG-IP APM Client Troubleshooting Utility (1), BIG-IP APM Clients (3), BIG-IP APM Edge Client (3), BIG-IP ASM (45), BIG-IP Access Policy Manager (3), BIG-IP Advanced WAF (27), BIG-IP Analytics (3), BIG-IP Application Acceleration Manager (1), BIG-IP Application Security Manager (1), BIG-IP CGNAT (1), BIG-IP Configuration utility (2), BIG-IP Controller for Kubernetes (1), BIG-IP DNS (7), BIG-IP DataSafe (1), BIG-IP Edge Client (11), BIG-IP FPS (2), BIG-IP GTM (3), BIG-IP Guided Configuration (4), BIG-IP LTM (3), BIG-IP LTM GSLB (1), BIG-IP Manager (1), BIG-IP Next (1), BIG-IP Next CNF (2), BIG-IP Next SPK (4), BIG-IP PEM (7), BIG-IP Virtual Edition (9), BIG-IP Virtual Server (5), BIG-IQ (38), BIG-IQ Centralized Management (9), BIG-IQ Cloud (2), BIG-IQ iControl (1), Big-IP Protocol Security Manager (1), Big-ip Protocol Security Module (1), Container Ingress Service (1), Edge Gateway (1), Enterprise Manager (16), F5OS (1), F5OS-A (6), F5OS-C (4), FirePass (16), FirePass 1000 (1), FirePass 1200 (1), FirePass 4100 (5), Firepass (1), Firepass 4100 (3), NGINX Agent (1), NGINX Ingress Controller (2), NGINX Instance Manager (1), NGINX Management Suite (2), NGINX Open Source (2), NGINX Plus (2), NGINX Service Mesh (1), Orchestration (1), Products (1), Rising (3), SSL Intercept iApp (2), SSL Orchestrator (3), Security (1), Traffix SDC (2), WebSafe Alert Server (3), iWorkflow (7)

Link to Vendor Website: https://f5.com/

منشورBaseTempالثغرةProdق�معالجةCTIEPSSCVE
14/02/20246.76.6F5 NGINX Plus/NGINX Open Source QUIC Module تلف الذاكرةWeb ServerNot DefinedOfficial Fix0.050.00043CVE-2024-24990
14/02/20245.15.0F5 BIG-IP Appliance Mode تجاوز الصلاحياتFirewall SoftwareNot DefinedOfficial Fix0.000.00043CVE-2024-23976
14/02/20247.57.3F5 NGINX Plus/NGINX Open Source QUIC Module الحرمان من الخدمةWeb ServerNot DefinedOfficial Fix0.030.00043CVE-2024-24989
14/02/20244.44.3F5 F5OS-A/F5OS-C QKView Utility اجتياز الدليلغير معروفNot DefinedOfficial Fix0.020.00044CVE-2024-23607
14/02/20244.34.2F5 BIG-IP Advanced WAF/BIG-IP ASM Configuration Utility حقن إس كيو إلFirewall SoftwareNot DefinedOfficial Fix0.020.00043CVE-2024-23603
14/02/20244.74.7F5 F5OS LDAP Remote Authentication تجاوز الصلاحياتغير معروفNot DefinedOfficial Fix0.040.00043CVE-2024-24966
14/02/20247.57.3F5 BIG-IP Traffic Management Microkernel الحرمان من الخدمةFirewall SoftwareNot DefinedOfficial Fix0.060.00043CVE-2024-24775
14/02/20247.57.3F5 BIG-IP Certificate الحرمان من الخدمةFirewall SoftwareNot DefinedOfficial Fix0.020.00043CVE-2024-23979
14/02/20247.57.3F5 BIG-IP/BIG-IP Next SPK Traffic Management Microkernel الحرمان من الخدمةFirewall SoftwareNot DefinedOfficial Fix0.020.00043CVE-2024-23314
14/02/20247.57.3F5 BIG-IP Advanced WAF/BIG-IP ASM Traffic Management Microkernel تلف الذاكرةFirewall SoftwareNot DefinedOfficial Fix0.020.00043CVE-2024-23805
14/02/20247.27.0F5 BIG-IP iControl REST توثيق ضعيفFirewall SoftwareNot DefinedOfficial Fix0.020.00043CVE-2024-22389
14/02/20247.57.3F5 BIG-IP Advanced WAF/BIG-IP ASM Request Body الحرمان من الخدمةFirewall SoftwareNot DefinedOfficial Fix0.020.00043CVE-2024-23308
14/02/20244.94.8F5 BIG-IP Next SPK/BIG-IP Next CNF الكشف عن المعلوماتFirewall SoftwareNot DefinedOfficial Fix0.040.00043CVE-2024-23306
14/02/20247.06.8F5 BIG-IP/BIG-IQ scp تجاوز الصلاحياتFirewall SoftwareNot DefinedOfficial Fix0.030.00043CVE-2024-21782
14/02/20247.57.3F5 BIG-IP AFM IPS Engine الحرمان من الخدمةFirewall SoftwareNot DefinedOfficial Fix0.020.00043CVE-2024-21771
14/02/20246.76.6F5 BIG-IP iControl REST Endpoint تجاوز الصلاحياتFirewall SoftwareNot DefinedOfficial Fix0.000.00043CVE-2024-22093
14/02/20247.57.3F5 BIG-IP Advanced WAF/BIG-IP ASM Traffic Management Microkernel الحرمان من الخدمةFirewall SoftwareNot DefinedOfficial Fix0.040.00043CVE-2024-21849
14/02/20247.57.3F5 BIG-IP Advanced WAF/BIG-IP ASM Virtual Server الحرمان من الخدمةFirewall SoftwareNot DefinedOfficial Fix0.020.00043CVE-2024-21789
14/02/20247.57.3F5 BIG-IP AFM Traffic Management Microkernel الحرمان من الخدمةFirewall SoftwareNot DefinedOfficial Fix0.020.00043CVE-2024-21763
14/02/20247.57.3F5 BIG-IP PEM Traffic Management Microkernel تلف الذاكرةFirewall SoftwareNot DefinedOfficial Fix0.020.00043CVE-2024-23982
26/10/20237.57.4F5 BIG-IP Configuration Utility حقن إس كيو إلFirewall SoftwareNot DefinedOfficial Fix0.020.00646CVE-2023-46748
26/10/20238.98.7F5 BIG-IP Configuration Utility توثيق ضعيفFirewall SoftwareNot DefinedOfficial Fix0.000.97202CVE-2023-46747
25/10/20235.35.3F5 BIG-IP/BIG-IP Next/BIG-IP Next SPK/BIG-IP Next CNF ZebOS BGP الحرمان من الخدمةFirewall SoftwareNot DefinedNot Defined0.030.00238CVE-2023-45886
10/10/20237.67.5F5 BIG-IP APM Edge Client Installer تجاوز الصلاحياتFirewall SoftwareNot DefinedOfficial Fix0.000.00053CVE-2023-5450
10/10/20236.56.4F5 BIG-IP Attack Signature Check تجاوز الصلاحياتFirewall SoftwareNot DefinedOfficial Fix0.030.00046CVE-2023-40534

685 بعض الادخالات لم يتم عرضها

Do you want to use VulDB in your project?

Use the official API to access entries easily!