f5 ssl orchestrator
27 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2021-23004
>= 11.6.1 and < 11.6.5.3
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, 12.1.x before 12.
7.5
HIGH
CVE-2021-23003
>= 11.6.1 and < 11.6.5.3
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, 12.1.x before 12.
7.5
HIGH
CVE-2021-23001
>= 11.6.1 and < 11.6.5.3
On versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3,
4.3
MEDIUM
CVE-2021-23000
>= 13.1.3.4 and < 13.1.3.6
On BIG-IP versions 13.1.3.4-13.1.3.6 and 12.1.5.2, if the tmm.http.rfc.enforcement BigDB key is enabled in a BIG-IP system, or the
7.5
HIGH
CVE-2021-22999
>= 14.1.0 and < 14.1.4
On versions 15.0.x before 15.1.0 and 14.1.x before 14.1.4, the BIG-IP system provides an option to connect HTTP/2 clients to HTTP/
7.5
HIGH
CVE-2021-22998
>= 11.6.1 and < 11.6.5.3
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.
5.3
MEDIUM
CVE-2021-22994
>= 11.6.1 and < 11.6.5.3
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.
6.1
MEDIUM
CVE-2021-22991
>= 12.1.0 and < 12.1.5.3
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before
9.8
CRITICAL
CVE-2021-22992
>= 11.6.1 and < 11.6.5.3
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.
9.8
CRITICAL
CVE-2021-22990
>= 11.6.1 and < 11.6.5.3
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.
7.2
HIGH
CVE-2021-22989
>= 11.6.1 and < 11.6.5.3
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.
9.1
CRITICAL
CVE-2021-22987
>= 11.6.1 and < 11.6.5.3
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.
9.9
CRITICAL
CVE-2021-22988
>= 11.6.1 and < 11.6.5.3
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.
8.8
HIGH
CVE-2021-22986
>= 12.1.0 and < 12.1.5.3
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before
9.8
CRITICAL
CVE-2020-27719
>= 14.1.0 and < 14.1.3.1
On BIG-IP 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.3, a cross-site scripting (XSS) vulnerability exists in an undisclosed
6.1
MEDIUM
CVE-2020-5947
>= 15.0.0 and < 15.1.2
In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP platforms, attackers may be able to obtain TCP sequence numbers
4.3
MEDIUM
CVE-2020-5938
>= 11.6.1 and <= 11.6.5.2
On BIG-IP 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when negotiating IPSec tunnels with configured, authenticated pee
6.5
MEDIUM
CVE-2020-5929
>= 11.6.1 and < 11.6.2
In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration
5.9
MEDIUM
CVE-2020-5922
>= 11.6.1 and <= 11.6.5
In BIG-IP versions 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, iControl REST does not
8.8
HIGH
CVE-2020-5916
>= 15.0.0 and < 15.0.1.4
In BIG-IP versions 15.1.0-15.1.0.4 and 15.0.0-15.0.1.3 the Certificate Administrator user role and higher privileged roles can per
6.8
MEDIUM
CVE-2020-5913
>= 11.6.1 and < 11.6.5
In versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, the BIG-IP Client or Server S
7.4
HIGH
CVE-2020-5912
>= 11.6.1 and < 11.6.5.2
In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the r
7.1
HIGH
CVE-2020-5902
>= 11.6.1 and < 11.6.5.2
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management
9.8
CRITICAL
CVE-2019-6674
>= 14.0.0 and <= 14.1.2
On F5 SSL Orchestrator 15.0.0-15.0.1 and 14.0.0-14.1.2, TMM may crash when processing SSLO data in a service-chaining configuratio
7.5
HIGH
CVE-2019-6630
>= 14.0.0 and < 14.0.0.5
On F5 SSL Orchestrator 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, undisclosed traffic flow may cause TMM to restart under certain circum
7.5
HIGH
CVE-2019-6627
>= 14.1.0 and < 14.1.0.6
On F5 SSL Orchestrator 14.1.0-14.1.0.5, on rare occasions, specific to a certain race condition, TMM may restart when SSL Forward
5.9
MEDIUM
CVE-2017-6130
all versions
F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulnerable to a Server-Side Request Forgery (SSRF) attack when dep
7.4
HIGH
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin