7.3
CVE-2025-48500
- EPSS 0.02%
- Veröffentlicht 13.08.2025 14:46:54
- Zuletzt bearbeitet 21.10.2025 18:29:37
- Quelle f5sirt@f5.com
- CVE-Watchlists
- Unerledigt
A missing file integrity check vulnerability exists on MacOS F5 VPN browser client installer that may allow a local, authenticated attacker with access to the local file system to replace it with a malicious package installer. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch National Vulnerability Database (NVD)
F5 ≫ Big-ip Access Policy Manager Version >= 15.1.0 < 15.1.10.8
F5 ≫ Big-ip Access Policy Manager Version >= 16.1.0 < 16.1.6.1
F5 ≫ Big-ip Access Policy Manager Version >= 17.1.0 < 17.1.3
F5 ≫ Big-ip Access Policy Manager Version >= 17.5.0 < 17.5.1.3
F5 ≫ Big-ip Access Policy Manager Client Version7.2.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.024 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| f5sirt@f5.com | 7 | 0 | 0 |
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| f5sirt@f5.com | 7.3 | 1.3 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
|
CWE-353 Missing Support for Integrity Check
The product uses a transmission protocol that does not include a mechanism for verifying the integrity of the data during transmission, such as a checksum.