F5 Big-ip_fraud_protection_service
367 CVEs affecting F5 Big-ip_fraud_protection_service. Latest disclosed: 2026-05-13. Critical: 21, High: 214.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-41373 | Critical | 9.9 | 2023-10-10 | A directory traversal vulnerability exists in the BIG-IP Configuration Utility that may allow an authenticated attacker to execute commands on the BIG-IP syst… |
CVE-2021-22987 | Critical | 9.9 | 2021-03-31 | On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6… |
CVE-2022-1388 | Critical | 9.8 | 2022-05-05 | On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all… |
CVE-2021-22991 | Critical | 9.8 | 2021-03-31 | On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3, undisclosed reques… |
CVE-2021-22992 | Critical | 9.8 | 2021-03-31 | On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6… |
CVE-2021-22986 | Critical | 9.8 | 2021-03-31 | On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3 amd BIG-IQ 7.1.0.x… |
CVE-2020-5902 | Critical | 9.8 | 2020-07-01 | In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also… |
CVE-2019-6675 | Critical | 9.8 | 2019-11-26 | BIG-IP configurations using Active Directory, LDAP, or Client Certificate LDAP for management authentication with multiple servers are exposed to a vulnerabili… |
CVE-2019-6609 | Critical | 9.8 | 2019-04-15 | Platform dependent weakness. This issue only impacts iSeries platforms. On these platforms, in BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, F… |
CVE-2021-23037 | Critical | 9.6 | 2021-09-14 | On all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed pa… |
CVE-2020-5948 | Critical | 9.6 | 2020-12-11 | On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl… |
CVE-2019-6644 | Critical | 9.4 | 2019-09-04 | Similar to the issue identified in CVE-2018-12120, on versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, and 12.1.0-12.1.4 BIG-IP will bind a debug node… |
CVE-2021-22989 | Critical | 9.1 | 2021-03-31 | On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6… |
CVE-2020-5887 | Critical | 9.1 | 2020-04-30 | On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE) may expose a mechanism for remote attackers to access local daem… |
CVE-2020-5886 | Critical | 9.1 | 2020-04-30 | On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems setup for connection mirroring in a High Availability (HA) p… |
CVE-2020-5885 | Critical | 9.1 | 2020-04-30 | On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems set up for connection mirroring in a high availability (HA)… |
CVE-2020-5884 | Critical | 9.1 | 2020-04-30 | On versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.4, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the default deployment mode for BIG-IP high availability (… |
CVE-2019-6649 | Critical | 9.1 | 2019-09-20 | F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 and Enterprise Manager 3.1.1 may expose… |
CVE-2019-10744 | Critical | 9.1 | 2019-07-26 | Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of… |
CVE-2019-6592 | Critical | 9.1 | 2019-02-26 | On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file when validating SSL certificates in client SSL or server SSL profiles. |