f5 security advisories
8 threat alerts tracking vulnerabilities and security advisories that affect f5 products.
Vulnios monitors f5 CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent f5 security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2016-5700 — f5 — big-ip_policy_enforcement_manager, big-ip_local_traffic_manager
Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2, when configured with
criticalCVE-2016-5700Critical Vulnerability: CVE-2016-5745 — f5 — big-ip_local_traffic_manager
F5 BIG-IP LTM systems 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF11, 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4
criticalCVE-2016-5745Critical Vulnerability: CVE-2016-5022 — f5 — big-ip_link_controller, big-ip_policy_enforcement_manager
F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and
criticalCVE-2016-5022Critical Vulnerability: CVE-2015-8098 — f5 — big-ip_access_policy_manager
F5 BIG-IP APM 11.4.1 before 11.4.1 HF9, 11.5.x before 11.5.3, and 11.6.0 before 11.6.0 HF4 allow remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors related
criticalCVE-2015-8098Critical Vulnerability: CVE-2015-8611 — f5 — big-ip_domain_name_system, big-ip_application_acceleration_manager
BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and PEM 12.0.0 before HF1 on the 2000, 4000, 5000, 7000, and 10000 platforms do not properly sync passwords with the Always-On Manageme
criticalCVE-2015-8611Critical Vulnerability: CVE-2017-6165 — f5 — big-ip_access_policy_manager, big-ip_advanced_firewall_manager
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms on
criticalCVE-2017-6165Critical Vulnerability: CVE-2017-6131 — f5 — big-ip_local_traffic_manager, big-ip_application_acceleration_manager
In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. T
criticalCVE-2017-6131Critical Vulnerability: CVE-2017-0305 — f5 — ssl_intercept_iapp
F5 SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, and
criticalCVE-2017-0305
Track f5 exposure across your environment
Vulnios automatically cross-references your asset inventory against new f5 CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan