Recent CVEs
CVE-2019-6597
In BIG-IP 13.0.0-13.1.1.1, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8 or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.
CVE-2019-6600
In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, when remote authentication is enabled for administrative users and all external users are granted the "guest" role, unsanitized values can be reflected to the client via the login page. This can lead to a cross-site scripting attack against unauthenticated clients.
CVE-2019-6598
In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.1-11.6.3.2, or 11.5.1-11.5.8 or Enterprise Manager 3.1.1, malformed requests to the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, may lead to disruption of TMUI services. This attack requires an authenticated user with any role (other than the No Access role). The No Access user role cannot log in and does not have the access level to perform the attack.
CVE-2019-6592
On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file when validating SSL certificates in client SSL or server SSL profiles.
CVE-2019-6594
On BIG-IP 11.5.1-11.6.3.2, 12.1.3.4-12.1.3.7, 13.0.0 HF1-13.1.1.1, and 14.0.0-14.0.0.2, Multi-Path TCP (MPTCP) does not protect against multiple zero length DATA_FINs in the reassembly queue, which can lead to an infinite loop in some circumstances.
CVE-2019-6593
On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL profile may be vulnerable to a chosen ciphertext attack against CBC ciphers. When exploited, this may result in plaintext recovery of encrypted messages through a man-in-the-middle (MITM) attack, despite the attacker not having gained access to the server's private key itself. (CVE-2019-6593 is also known as Zombie POODLE and GOLDENDOODLE.)
CVE-2019-6589
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, and 11.6.0-11.6.3.2, a reflected Cross Site Scripting (XSS) vulnerability is present in an undisclosed page of the BIG-IP TMUI (Traffic Management User Interface) also known as the BIG-IP configuration utility.
CVE-2018-15333
On versions 11.2.1 and greater, unrestricted Snapshot File Access allows a BIG-IP system user with any role, including the Guest role, to access and download previously generated and available snapshot files, such as QKView and TCPDumps, on the BIG-IP configuration utility.
CVE-2018-15329
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.
CVE-2018-15328
On BIG-IP 14.0.x, 13.x, 12.x, and 11.x, Enterprise Manager 3.1.1, BIG-IQ 6.x, 5.x, and 4.x, and iWorkflow 2.x, the passphrases for SNMPv3 users and trap destinations that are used for authentication and privacy are not handled by the BIG-IP system Secure Vault feature; they are written in the clear to the various configuration files.