F5 Access Policy Manager Clients vulnerabilities
5 known vulnerabilities affecting f5/access_policy_manager_clients.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2023-38418HIGHCVSS 7.8≥ 7.2.3, < 7.2.4.32023-08-02
CVE-2023-38418 [HIGH] CWE-347 CVE-2023-38418:
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges d
The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd
CVE-2023-36858MEDIUMCVSS 5.5≥ 7.2.3, < 7.2.4.32023-08-02
CVE-2023-36858 [HIGH] CWE-345 CVE-2023-36858:
An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and mac
An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and macOS that may allow an attacker to modify its configured server list. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvd
CVE-2022-29263HIGHCVSS 7.8v7.1.8v7.1.8.5+5 more2022-05-05
CVE-2022-29263 [HIGH] CWE-732 CVE-2022-29263: On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versio
On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions prior to 7.2.1.5, the BIG-IP Edge Client Component Installer Service does not use best practice while saving temp
nvd
CVE-2021-23002MEDIUMCVSS 4.5≥ 7.1.5, < 7.1.8.5≥ 7.1.9, < 7.1.9.8+1 more2021-03-31
CVE-2021-23002 [MEDIUM] CVE-2021-23002: When using BIG-IP APM 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x b
When using BIG-IP APM 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, or all 12.1.x and 11.6.x versions or Edge Client versions 7.2.1.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, or 7.1.8.x before 7.1.8.5, the session ID is visible in the arguments of the f5vpn.exe command when VPN is launched from the browser on a
nvd
CVE-2021-22980HIGHCVSS 7.8≥ 7.1.5, < 7.1.8.5≥ 7.1.9, < 7.1.9.8+1 more2021-02-12
CVE-2021-22980 [HIGH] CWE-426 CVE-2021-22980: In Edge Client version 7.2.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, and 7.1.x-7.1.8.x before 7.1.8.
In Edge Client version 7.2.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, and 7.1.x-7.1.8.x before 7.1.8.5, an untrusted search path vulnerability in the BIG-IP APM Client Troubleshooting Utility (CTU) for Windows could allow an attacker to load a malicious DLL library from its current directory. User interaction is required to exploit this vulnerability i
nvd