- What is the f5 CNA?
- f5 is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 742 CVE records since 2017.
- How many CVEs has f5 published?
- f5 has published 742 CVE records, including 136 in the last two years.
- What is f5's CVE data quality grade?
- RadicalNotion.AI grades f5's CVE data quality as D, with an overall completeness score of 62.4%. This reflects how consistently its CVE records include vendor (67.3%), product (99.9%), CVSS (36.9%), and CWE (45.6%) information.
- What products does f5 publish CVEs for?
- f5 most frequently publishes CVEs for big-ip_access_policy_manager, big-ip application security manager, big-ip advanced firewall manager, big-ip policy enforcement manager, big-ip local traffic manager.
- Which vendors does f5 cover?
- f5 publishes CVEs across 5 distinct vendors, most often F5, F5 Networks, Inc., nginx, apple, Red Hat.
- Is f5 actively publishing CVEs?
- f5 is currently active, based on 136 CVEs in the last two years.
- What is the average severity of f5's CVEs?
- The average CVSS base score across f5's scored CVEs is 7.1.
- How many critical CVEs has f5 published?
- f5 has published 46 critical-severity CVEs and 474 high-severity CVEs.
- Are any of f5's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- Yes. 7 of f5's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.
- What are the most common weakness types in f5's CVEs?
- f5's CVEs most often map to these CWE weakness types: CWE-476 (NULL Pointer Dereference), CWE-400 (Uncontrolled Resource Consumption), CWE-20 (Improper Input Validation), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')).
- How does f5 rank among CNAs?
- By total CVE volume, f5 ranks #46 of 370 CNAs, and it reports more complete CVE records than 15% of all CNAs.