F5 Luki w zabezpieczeniach

Oś czasu

Rodzaj

Firewall Software	624
Not Defined	71
Web Server	9
Policy Management Software	3
Android App Software	1

Produkt

F5 BIG-IP	436
F5 BIG-IP APM	60
F5 BIG-IP ASM	45
F5 BIG-IQ	38
F5 BIG-IP Advanced WAF	27

Przeciwdziałanie

Official Fix	464
Temporary Fix	0
Workaround	10
Unavailable	7
Not Defined	229

Wykorzystywanie

High	18
Functional	0
Proof-of-Concept	25
Unproven	7
Not Defined	660

Wektor dostępu

Not Defined	0
Physical	2
Local	53
Adjacent	70
Network	585

Uwierzytelnianie

Not Defined	0
High	54
Low	252
None	404

Interakcja z użytkownikiem

Not Defined	0
Required	102
None	608

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	5
≤4	57
≤5	138
≤6	169
≤7	172
≤8	130
≤9	26
≤10	13

CVSSv3 Temp

≤1	0
≤2	0
≤3	8
≤4	61
≤5	144
≤6	175
≤7	167
≤8	120
≤9	24
≤10	11

VulDB

≤1	0
≤2	1
≤3	22
≤4	120
≤5	136
≤6	212
≤7	61
≤8	125
≤9	21
≤10	12

NVD

≤1	0
≤2	0
≤3	0
≤4	5
≤5	35
≤6	82
≤7	50
≤8	166
≤9	25
≤10	28

CNA

≤1	0
≤2	0
≤3	0
≤4	4
≤5	18
≤6	27
≤7	16
≤8	74
≤9	11
≤10	3

Sprzedawca

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	2
<2k	19
<5k	155
<10k	273
<25k	251
<50k	10
<100k	0
≥100k	0

Wykorzystaj dzisiaj

<1k	442
<2k	55
<5k	98
<10k	98
<25k	17
<50k	0
<100k	0
≥100k	0

Wykorzystaj wielkość rynku

🔴 CTI Zajęcia

Affected Products (74): 3-DNS Controller (2), APM (1), ARX Data Manager (1), ASM (8), Access (1), Advanced WAF (6), BIG-IP (436), BIG-IP AAM (1), BIG-IP AF (1), BIG-IP AFM (20), BIG-IP APM (60), BIG-IP APM AD (1), BIG-IP APM Client (8), BIG-IP APM Client Troubleshooting Utility (1), BIG-IP APM Clients (3), BIG-IP APM Edge Client (3), BIG-IP ASM (45), BIG-IP Access Policy Manager (3), BIG-IP Advanced WAF (27), BIG-IP Analytics (3), BIG-IP Application Acceleration Manager (1), BIG-IP Application Security Manager (1), BIG-IP CGNAT (1), BIG-IP Configuration utility (2), BIG-IP Controller for Kubernetes (1), BIG-IP DNS (7), BIG-IP DataSafe (1), BIG-IP Edge Client (11), BIG-IP FPS (2), BIG-IP GTM (3), BIG-IP Guided Configuration (4), BIG-IP LTM (3), BIG-IP LTM GSLB (1), BIG-IP Manager (1), BIG-IP Next (1), BIG-IP Next CNF (2), BIG-IP Next SPK (4), BIG-IP PEM (7), BIG-IP Virtual Edition (9), BIG-IP Virtual Server (5), BIG-IQ (38), BIG-IQ Centralized Management (9), BIG-IQ Cloud (2), BIG-IQ iControl (1), Big-IP Protocol Security Manager (1), Big-ip Protocol Security Module (1), Container Ingress Service (1), Edge Gateway (1), Enterprise Manager (16), F5OS (1), F5OS-A (6), F5OS-C (4), FirePass (16), FirePass 1000 (1), FirePass 1200 (1), FirePass 4100 (5), Firepass (1), Firepass 4100 (3), NGINX Agent (1), NGINX Ingress Controller (2), NGINX Instance Manager (1), NGINX Management Suite (2), NGINX Open Source (2), NGINX Plus (2), NGINX Service Mesh (1), Orchestration (1), Products (1), Rising (3), SSL Intercept iApp (2), SSL Orchestrator (3), Security (1), Traffix SDC (2), WebSafe Alert Server (3), iWorkflow (7)

Link to Vendor Website: https://f5.com/

Opublikowano	Base	Temp	Słaby punkt	Prod	Wyk	Prz	EPSS	CTI	CVE
2024-02-14	6.7	6.6	F5 NGINX Plus/NGINX Open Source QUIC Module memory corruption	Web Server	Not Defined	Official Fix	0.00043	0.02	CVE-2024-24990
2024-02-14	5.1	5.0	F5 BIG-IP Appliance Mode privilege escalation	Firewall Software	Not Defined	Official Fix	0.00043	0.00	CVE-2024-23976
2024-02-14	7.5	7.3	F5 NGINX Plus/NGINX Open Source QUIC Module denial of service	Web Server	Not Defined	Official Fix	0.00043	0.00	CVE-2024-24989
2024-02-14	4.4	4.3	F5 F5OS-A/F5OS-C QKView Utility directory traversal	Nieznany	Not Defined	Official Fix	0.00044	0.02	CVE-2024-23607
2024-02-14	4.3	4.2	F5 BIG-IP Advanced WAF/BIG-IP ASM Configuration Utility sql injection	Firewall Software	Not Defined	Official Fix	0.00043	0.02	CVE-2024-23603
2024-02-14	4.7	4.7	F5 F5OS LDAP Remote Authentication privilege escalation	Nieznany	Not Defined	Official Fix	0.00043	0.03	CVE-2024-24966
2024-02-14	7.5	7.3	F5 BIG-IP Traffic Management Microkernel denial of service	Firewall Software	Not Defined	Official Fix	0.00043	0.06	CVE-2024-24775
2024-02-14	7.5	7.3	F5 BIG-IP Certificate denial of service	Firewall Software	Not Defined	Official Fix	0.00043	0.00	CVE-2024-23979
2024-02-14	7.5	7.3	F5 BIG-IP/BIG-IP Next SPK Traffic Management Microkernel denial of service	Firewall Software	Not Defined	Official Fix	0.00043	0.02	CVE-2024-23314
2024-02-14	7.5	7.3	F5 BIG-IP Advanced WAF/BIG-IP ASM Traffic Management Microkernel memory corruption	Firewall Software	Not Defined	Official Fix	0.00043	0.02	CVE-2024-23805
2024-02-14	7.2	7.0	F5 BIG-IP iControl REST weak authentication	Firewall Software	Not Defined	Official Fix	0.00043	0.04	CVE-2024-22389
2024-02-14	7.5	7.3	F5 BIG-IP Advanced WAF/BIG-IP ASM Request Body denial of service	Firewall Software	Not Defined	Official Fix	0.00043	0.02	CVE-2024-23308
2024-02-14	4.9	4.8	F5 BIG-IP Next SPK/BIG-IP Next CNF information disclosure	Firewall Software	Not Defined	Official Fix	0.00043	0.05	CVE-2024-23306
2024-02-14	7.0	6.8	F5 BIG-IP/BIG-IQ scp privilege escalation	Firewall Software	Not Defined	Official Fix	0.00043	0.00	CVE-2024-21782
2024-02-14	7.5	7.3	F5 BIG-IP AFM IPS Engine denial of service	Firewall Software	Not Defined	Official Fix	0.00043	0.02	CVE-2024-21771
2024-02-14	6.7	6.6	F5 BIG-IP iControl REST Endpoint privilege escalation	Firewall Software	Not Defined	Official Fix	0.00043	0.00	CVE-2024-22093
2024-02-14	7.5	7.3	F5 BIG-IP Advanced WAF/BIG-IP ASM Traffic Management Microkernel denial of service	Firewall Software	Not Defined	Official Fix	0.00043	0.04	CVE-2024-21849
2024-02-14	7.5	7.3	F5 BIG-IP Advanced WAF/BIG-IP ASM Virtual Server denial of service	Firewall Software	Not Defined	Official Fix	0.00043	0.02	CVE-2024-21789
2024-02-14	7.5	7.3	F5 BIG-IP AFM Traffic Management Microkernel denial of service	Firewall Software	Not Defined	Official Fix	0.00043	0.02	CVE-2024-21763
2024-02-14	7.5	7.3	F5 BIG-IP PEM Traffic Management Microkernel memory corruption	Firewall Software	Not Defined	Official Fix	0.00043	0.02	CVE-2024-23982
2023-10-26	7.5	7.4	F5 BIG-IP Configuration Utility sql injection	Firewall Software	Not Defined	Official Fix	0.00646	0.00	CVE-2023-46748
2023-10-26	8.9	8.7	F5 BIG-IP Configuration Utility weak authentication	Firewall Software	Not Defined	Official Fix	0.97135	0.02	CVE-2023-46747
2023-10-25	5.3	5.3	F5 BIG-IP/BIG-IP Next/BIG-IP Next SPK/BIG-IP Next CNF ZebOS BGP denial of service	Firewall Software	Not Defined	Not Defined	0.00238	0.03	CVE-2023-45886
2023-10-10	7.6	7.5	F5 BIG-IP APM Edge Client Installer privilege escalation	Firewall Software	Not Defined	Official Fix	0.00053	0.03	CVE-2023-5450
2023-10-10	6.5	6.4	F5 BIG-IP Attack Signature Check privilege escalation	Firewall Software	Not Defined	Official Fix	0.00046	0.03	CVE-2023-40534

685 więcej wpisów nie jest pokazywanych

🔒 Login Required

You need to signup and login to see more of the remaining 685 results.

◂ PoprzedniPrzeglądKolejny ▸

Interested in the pricing of exploits?

See the underground prices here!