CVE-2020-5855
published 2020-02-06CVE-2020-5855: When the Windows Logon Integration feature is configured for all versions of BIG-IP Edge Client for Windows, unauthorized users who have physical access to an…
medium4.3CVSS 3.1
AVPACLPRNUINSUCLILAL
When the Windows Logon Integration feature is configured for all versions of BIG-IP Edge Client for Windows, unauthorized users who have physical access to an authorized user's machine can get shell access under unprivileged user.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | big-ip_access_policy_manager | 11.5.2 – 11.6.5 | — |
| f5 | big-ip_access_policy_manager | 12.1.0 – 12.1.5 | — |
| f5 | big-ip_access_policy_manager | 13.1.0 – 13.1.3 | — |
| f5 | big-ip_access_policy_manager | 14.1.0 – 14.1.2 | — |
| f5 | big-ip_access_policy_manager | 15.0.0 – 15.1.0 | — |
| f5 | big-ip_access_policy_manager_client | — | — |
| f5 | big-ip_access_policy_manager_client | 7.1.5 – 7.1.8 | — |
| f5 | big-ip_apm | — | — |
| f5 | edge_client_for_windows | — | — |