F5

Big-ip Access Policy Manager Client

18 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.4

CVE-2024-28883

  • EPSS 0.07%
  • Veröffentlicht 08.05.2024 15:15:09
  • Zuletzt bearbeitet 06.08.2025 15:56:39

An origin validation vulnerability exists in BIG-IP APM browser network access VPN client for Windows, macOS and Linux which may allow an attacker to bypass F5 endpoint inspection. Note: Software versions which have reached End of Technical...

8.2

CVE-2023-43125

  • EPSS 0.15%
  • Veröffentlicht 27.09.2023 16:21:34
  • Zuletzt bearbeitet 21.11.2024 08:23:44

BIG-IP APM clients may send IP traffic outside of the VPN tunnel.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

7.1

CVE-2023-43124

  • EPSS 0.08%
  • Veröffentlicht 27.09.2023 16:21:33
  • Zuletzt bearbeitet 21.11.2024 08:23:44

BIG-IP APM clients may send IP traffic outside of the VPN tunnel.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

7.8

CVE-2022-28714

  • EPSS 0.57%
  • Veröffentlicht 05.05.2022 17:15:14
  • Zuletzt bearbeitet 21.11.2024 06:57:47

On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions prior to 7...

5.5

CVE-2022-27636

  • EPSS 0.23%
  • Veröffentlicht 05.05.2022 17:15:13
  • Zuletzt bearbeitet 21.11.2024 06:56:04

On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions prior to 7...

5.3

CVE-2022-23032

  • EPSS 0.12%
  • Veröffentlicht 25.01.2022 20:15:10
  • Zuletzt bearbeitet 21.11.2024 06:47:50

In all versions before 7.2.1.4, when proxy settings are configured in the network access resource of a BIG-IP APM system, connecting BIG-IP Edge Client on Mac and Windows is vulnerable to a DNS rebinding attack. Note: Software versions which have rea...

7.8

CVE-2021-23022

  • EPSS 0.14%
  • Veröffentlicht 10.06.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 05:51:10

On version 7.2.1.x before 7.2.1.3 and 7.1.x before 7.1.9.9 Update 1, the BIG-IP Edge Client Windows Installer Service's temporary folder has weak file and folder permissions. Note: Software versions which have reached End of Technical Support (EoTS) ...

8.8

CVE-2020-5897

  • EPSS 0.86%
  • Veröffentlicht 12.05.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:34:47

In versions 7.1.5-7.1.9, there is use-after-free memory vulnerability in the BIG-IP Edge Client Windows ActiveX component.

5.5

CVE-2020-5898

  • EPSS 0.07%
  • Veröffentlicht 12.05.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:34:47

In versions 7.1.5-7.1.9, BIG-IP Edge Client Windows Stonewall driver does not sanitize the pointer received from the userland. A local user on the Windows client system can send crafted DeviceIoControl requests to \\.\urvpndrv device causing the Wind...

7.8

CVE-2020-5896

  • EPSS 0.06%
  • Veröffentlicht 12.05.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:34:47

On versions 7.1.5-7.1.9, the BIG-IP Edge Client's Windows Installer Service's temporary folder has weak file and folder permissions.