Versions
13.0.0
12.1.0-12.1.1
11.6.1-11.6.2
12.1.0-12.1.3.1
13.1.0-13.1.0.5
13.0.0-13.1.0.1
13.0.0-13.1.0.7
11.2.1
11.5.1-11.5.6
11.6.0-11.6.3.1
12.1.0-12.1.3.5
13.1.0-13.1.0.3
Recent CVEs
CVE-2018-5541
When F5 BIG-IP ASM 13.0.0-13.1.0.1, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.5.1-11.5.6 is processing HTTP requests, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process.
CVE-2018-5539
Under certain conditions, on F5 BIG-IP ASM 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, 11.5.1-11.5.6, or 11.2.1, when processing CSRF protections, the BIG-IP ASM bd process may restart and produce a core file.
CVE-2018-5526
Under certain conditions, on F5 BIG-IP ASM 13.1.0-13.1.0.5, Behavioral DOS (BADOS) protection may fail during an attack.
CVE-2016-7472
F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request.
CVE-2018-5505
On F5 BIG-IP versions 13.1.0 - 13.1.0.3, when ASM and AVR are both provisioned, TMM may restart while processing DNS requests when the virtual server is configured with a DNS profile and the Protocol setting is set to TCP.
CVE-2017-6154
On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, the BIG-IP ASM bd daemon may core dump memory under some circumstances when processing undisclosed types of data on systems with 48 or more CPU cores.