threat
engine
.sh
Back
·
··:··
Home
/
Product
/
f5 f5os c
Product
f5 f5os c
14 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2025-57780
>= 1.6.0 and <= 1.6.2
A vulnerability exists in F5OS-A and F5OS-C system that may allow an authenticated attacker with local access to escalate their pr
8.8
HIGH
CVE-2025-61955
>= 1.6.0 and <= 1.6.2
A vulnerability exists in F5OS-A and F5OS-C systems that may allow an authenticated attacker with local access to escalate their p
8.8
HIGH
CVE-2025-60015
>= 1.6.0 and <= 1.6.2
An out-of-bounds write vulnerability exists in F5OS-A and F5OS-C that could lead to memory corruption. Note: Software versi
5.7
MEDIUM
CVE-2025-59778
>= 1.6.0 and <= 1.6.2
When the Allowed IP Addresses feature is configured on the F5OS-C partition control plane, undisclosed traffic can cause multiple
7.5
HIGH
CVE-2025-47150
>= 1.6.0 and < 1.6.4
When SNMP is configured on F5OS Appliance and Chassis systems, undisclosed requests can cause an increase in SNMP memory resource
6.5
MEDIUM
CVE-2025-46265
>= 1.6.0 and <= 1.6.2
On F5OS, an improper authorization vulnerability exists where remotely authenticated users (LDAP, RADIUS, TACACS+) may be authoriz
8.8
HIGH
CVE-2025-43878
>= 1.6.0 and <= 1.6.2
When running in Appliance mode, an authenticated attacker assigned the Administrator or Resource Administrator role may be able to
6.0
MEDIUM
CVE-2025-36546
>= 1.6.0 and <= 1.6.2
On an F5OS system, if the root user had previously configured the system to allow login via SSH key-based authentication, and then
8.1
HIGH
CVE-2024-24966
>= 1.3.0 and < 1.6.0
When LDAP remote authentication is configured on F5OS, a remote user without an assigned role will be incorrectly authorized. No
6.2
MEDIUM
CVE-2024-23607
>= 1.3.0 and < 1.6.0
A directory traversal vulnerability exists in the F5OS QKView utility that allows an authenticated attacker to read files outside
5.5
MEDIUM
CVE-2023-22657
>= 1.3.0 and < 1.5.0
On F5OS-A beginning in version 1.2.0 to before 1.3.0 and F5OS-C beginning in version 1.3.0 to before 1.5.0, processing F5OS tenant
7.0
HIGH
CVE-2022-41835
> 1.3.0 and < 1.5.0
In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.5.0, excessive file permissions in F5OS allows an authenticated
7.3
HIGH
CVE-2022-41780
> 1.1.0 and < 1.4.0
In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.4.0, a directory traversal vulnerability exists in an undisclos
5.5
MEDIUM
CVE-2002-20001
>= 1.3.0 and <= 1.3.2
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actual
7.5
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin