F5 BIG-IP Data Forgery Issue Vulnerability

2023-08-0700:00:00

China National Vulnerability Database

www.cnvd.org.cn

big-ip

data forgery

vulnerability

edge client

insufficient data validation

exploitation

attack

server list

0.0004 Low

EPSS

Percentile

9.1%

JSON

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A data forgery issue vulnerability exists in the F5 BIG-IP Edge Client, which stems from the presence of insufficient data validation, and can be exploited by an attacker to modify their configured server list.

CPENameOperatorVersion
f5 big-ip (apm) >=14.1.0，le14.1.5
f5 big-ip (apm) >=13.1.0，le13.1.5
f5 big-ip (apm) >=16.1.0，le16.1.3
f5 big-ip apm >=15.1.0，le15.1.9
f5 big-ip apm >=17.0.0，le17.1.0
f5 apm clients >=7.2.3，<7.eq2.4.3

Name	Operator	Version
f5 big-ip (apm) >=14.1.0，	le	14.1.5
f5 big-ip (apm) >=13.1.0，	le	13.1.5
f5 big-ip (apm) >=16.1.0，	le	16.1.3
f5 big-ip apm >=15.1.0，	le	15.1.9
f5 big-ip apm >=17.0.0，	le	17.1.0
f5 apm clients >=7.2.3，<7.	eq	2.4.3

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CNVD-2023-65135