CyberSec.Space Logo
Back to CVE Browser

CVE-2015-8611

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1880%
EPSS Percentile29.20th
PublishedJan 12, 2016
Last ModifiedMay 6, 2026

Vulnerability Description

BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and PEM 12.0.0 before HF1 on the 2000, 4000, 5000, 7000, and 10000 platforms do not properly sync passwords with the Always-On Management (AOM) subsystem, which might allow remote attackers to obtain login access to AOM via an (1) expired or (2) default password.

Affected Platforms (CPE)

πŸ“¦
F5

Big Ip Domain Name System

= 12.0.0
πŸ“¦
F5

Big Ip Application Acceleration Manager

= 12.0.0
πŸ“¦
F5

Big Ip Link Controller

= 12.0.0
πŸ“¦
F5

Big Ip Policy Enforcement Manager

= 12.0.0
πŸ“¦
F5

Big Ip Advanced Firewall Manager

= 12.0.0
πŸ“¦
F5

Big Ip Local Traffic Manager

= 12.0.0
πŸ“¦
F5

Big Ip Access Policy Manager

= 12.0.0
πŸ“¦
F5

Big Ip Application Security Manager

= 12.0.0
πŸ“¦
F5

Big Ip Analytics

= 12.0.0

References & Advisories

πŸ”— http://www.securitytracker.com/id/1034629
πŸ”— https://support.f5.com/kb/en-us/solutions/public/k/05/sol05272632.html
πŸ”— http://www.securitytracker.com/id/1034629
πŸ”— https://support.f5.com/kb/en-us/solutions/public/k/05/sol05272632.html

Related Vulnerabilities

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...

CVE-2026-121886.3

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules...