Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
na/

BIG-IQ

22 Versions 22 CVEs

Versions

5.2.0-7.1.0

OTHER 2 CVEs

7.0.0-7.1.0.2

OTHER 1 CVE

BIG-IP 15.0.0-15.1.0.2, 14.1.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5.1, 11.5.2-11.6.5.1

OTHER 1 CVE

6.0.0-7.0.0

OTHER 1 CVE

6.0.0-6.1.0

OTHER 2 CVEs

iWorkflow 2.3.0, Enterprise Manager 3.1.1

OTHER 1 CVE

BIG-IP 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, 11.6.1-11.6.5.1

OTHER 1 CVE

BIG-IQ 7.1.0.x before 7.1.0.3, 7.0.0.x before 7.0.0.2

OTHER 1 CVE

BIG-IP 15.0.0-15.1.0.4, 14.1.0-14.1.2.7, 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, 11.6.1-11.6.5.2

OTHER 1 CVE

BIG-IQ 5.4.0-7.0.0

OTHER 1 CVE

BIG-IP 15.0.0-15.0.1.2, 14.1.0-14.1.2.2, 13.1.0-13.1.3.2, 12.1.0-12.1.5, 11.5.2-11.6.5.1

OTHER 1 CVE

7.1.0

SEMANTIC 1 CVE

5.1.0-5.4.0

OTHER 1 CVE

BIG-IQ 7.0.0, 6.0.0-6.1.0, 5.2.0-5.4.0

OTHER 3 CVEs

BIG-IQ 5.2.0-7.1.0

OTHER 1 CVE

5.2.0-7.0.0

OTHER 2 CVEs

All 7.x and 6.x versions

OTHER 4 CVEs

BIG-IP 15.0.0-15.0.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, 11.5.1-11.6.5.1

OTHER 1 CVE

All 7.x versons

OTHER 1 CVE

BIG-IQ 5.2.0-7.0.0

OTHER 1 CVE

8.0.x before 8.0.0.1, and all 6.x and 7.x versions

OTHER 1 CVE

6.0.0-6.1.0, 5.2.0-5.4.0

OTHER 1 CVE

Recent CVEs

CVE-2021-23024

On version 8.0.x before 8.0.0.1, and all 6.x and 7.x versions, the BIG-IQ Configuration utility has an authenticated remote command execution vulnerability in undisclosed pages. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

UNKNOWN Jun 10, 2021

CVE-2021-23006

On all 7.x and 6.x versions (fixed in 8.0.0), undisclosed BIG-IQ pages have a reflected cross-site scripting vulnerability. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.

UNKNOWN Mar 31, 2021

CVE-2021-23005

On all 7.x and 6.x versions (fixed in 8.0.0), when using a Quorum device for BIG-IQ high availability (HA) for automatic failover, BIG-IQ does not make use of Transport Layer Security (TLS) with the Corosync protocol. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.

UNKNOWN Mar 31, 2021

CVE-2021-22997

On all 7.x and 6.x versions (fixed in 8.0.0), BIG-IQ HA ElasticSearch service does not implement any form of authentication for the clustering transport services, and all data used by ElasticSearch for transport is unencrypted. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.

UNKNOWN Mar 31, 2021

CVE-2021-22995

On all 7.x and 6.x versions (fixed in 8.0.0), BIG-IQ high availability (HA) when using a Quorum device for automatic failover does not implement any form of authentication with the Corosync daemon. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.

UNKNOWN Mar 31, 2021