F5 Big-Ip Edge vulnerabilities

CVE-2023-22358 [HIGH] CWE-427 CVE-2023-22358: In versions beginning with 7 CVE-2023-22358: In versions beginning with 7 In versions beginning with 7.2.2 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client Windows Installer. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Affected Products: BIG-IP APM, Big-Ip Edge Affected Versions: 13.1.0 - 13.1.5; 14.1.0 - 14.1.5; 15.1.0 - 15.1.8; 16.1.0 - 16.1.3; 17.0.0 - 17.0.0.2;

CVE-2023-22283 [MEDIUM] CWE-427 CVE-2023-22283: On versions beginning in 7 CVE-2023-22283: On versions beginning in 7 On versions beginning in 7.1.5 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client for Windows. User interaction and administrative privileges are required to exploit this vulnerability because the victim user needs to run the executable on the system and the attacker requires administrative privileges for modifying the files in the trusted search p

CVE-2018-5529 [HIGH] CVE-2018-5529: The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service.