Lucene search
HistorySep 27, 2023 - 4:21 p.m.
CVE-2023-43125
big-ip
apm
vpn
security vulnerability
cve-2023-43125
nvd
8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
8.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
37.0%
BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Affected configurations
Node
f5big-ip_access_policy_managerRange14.1.5.2–14.1.5.6
ORf5big-ip_access_policy_managerRange15.1.8–15.1.10
ORf5big-ip_access_policy_managerRange16.1.3.3–16.1.4
ORf5big-ip_access_policy_managerMatch13.1.5.1
ORf5big-ip_access_policy_managerMatch17.1.0
ORf5big-ip_access_policy_manager_clientRange7.2.3–7.2.4
CNA Affected
[
{
"defaultStatus": "unknown",
"platforms": [
"Windows",
"MacOS",
"Linux"
],
"product": "BIG-IP Edge Client",
"vendor": "F5",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "7.2.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"iOS",
"Android"
],
"product": "F5 Access",
"vendor": "F5",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "3.0",
"versionType": "semver"
}
]
}
]References
Related
prion
prion
Code injection
2023-09-27 16:21:00
nessus
nessus
f5
f5
K000136909 : BIG-IP APM Clients TunnelCrack vulnerability CVE-2023-43125
2023-09-27 00:00:00
cvelist
cvelist
CVE-2023-43125 BIG-IP APM Clients TunnelCrack vulnerability
2023-09-27 15:22:07
nvd
nvd
CVE-2023-43125
2023-09-27 16:21:34
8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
8.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
37.0%
Related for CVE-2023-43125