GCVE - cpe:2.3:a:n/a:big-ip_afm:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:big-ip_afm:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Big Ip Afm (`c71a23b7-9b9e-50f0-b6de-9c34ab5daff5`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-23028`	vulnerable	2026-06-08 05:40:56.038903	Details available On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all versions of 13.1.x, when global AFM SYN cookie protection (TCP Half Open flood vector) is activated in the AFM Device Dos or DOS profile, certain types of TCP connections will fail. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Published: 2022-01-25T19:11:35.000Z Updated: 2024-08-03T03:28:43.121Z Open on db.gcve.eu Reference links https://support.f5.com/csp/article/K16101409	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-23024`	vulnerable	2026-06-08 05:40:56.033056	Details available On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.2, and all versions of 13.1.x, when the IPsec application layer gateway (ALG) logging profile is configured on an IPsec ALG virtual server, undisclosed IPsec traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Published: 2022-01-25T19:11:28.000Z Updated: 2024-08-03T03:28:43.001Z Open on db.gcve.eu Reference links https://support.f5.com/csp/article/K54892865	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-23018`	vulnerable	2026-06-08 05:40:56.017397	Details available On BIG-IP AFM version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and 13.1.x beginning in 13.1.3.4, when a virtual server is configured with both HTTP protocol security and HTTP Proxy Connect profiles, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Published: 2022-01-25T19:11:25.000Z Updated: 2024-08-03T03:28:43.049Z Open on db.gcve.eu Reference links https://support.f5.com/csp/article/K24358905	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-23040`	vulnerable	2026-06-08 05:30:02.237009	Details available On BIG-IP AFM version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x, a SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This issue is exposed only when BIG-IP AFM is provisioned. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Published: 2021-09-14T14:42:51.000Z Updated: 2024-08-03T18:58:26.369Z Open on db.gcve.eu Reference links https://support.f5.com/csp/article/K94255403	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-22983`	vulnerable	2026-06-08 05:30:02.078602	Details available On BIG-IP AFM version 15.1.x before 15.1.1, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.5, authenticated users accessing the Configuration utility for AFM are vulnerable to a cross-site scripting attack if they attempt to access a maliciously-crafted URL. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated. Published: 2021-02-12T17:57:08.000Z Updated: 2024-08-03T18:58:26.357Z Open on db.gcve.eu Reference links https://support.f5.com/csp/article/K76518456	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-5937`	vulnerable	2026-06-08 05:26:44.269804	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-5920`	vulnerable	2026-06-08 05:26:44.184498	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-27714`	vulnerable	2026-06-08 05:23:52.962592	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.