Security Advisory Description
An origin validation vulnerability exists in the BIG-IP APM browser network access VPN client, which may allow an attacker to bypass F5 endpoint inspection. (CVE-2024-28883)
Impact
A remote unauthenticated attacker with a man-in-the-middle (MITM) position may exploit this vulnerability and establish a network access (VPN) connection with a BIG-IP APM system. This vulnerability specifically affects the BIG-IP APM browser network access VPN client when the BIG-IP APM access policy is configured with an endpoint inspection item in the Visual Policy Editor (VPE), Endpoint Security (client or server). BIG-IP Edge Client/F5 Access/CLI and other clients are not affected.
Vendor | Product | Version | CPE |
---|---|---|---|
f5 | big\-ip_apm | 15.1.0 | cpe:2.3:a:f5:big\-ip_apm:15.1.0:*:*:*:*:*:*:* |
f5 | big\-ip_apm | 15.1.1 | cpe:2.3:a:f5:big\-ip_apm:15.1.1:*:*:*:*:*:*:* |
f5 | big\-ip_apm | 15.1.10 | cpe:2.3:a:f5:big\-ip_apm:15.1.10:*:*:*:*:*:*:* |
f5 | big\-ip_apm | 15.1.2 | cpe:2.3:a:f5:big\-ip_apm:15.1.2:*:*:*:*:*:*:* |
f5 | big\-ip_apm | 15.1.3 | cpe:2.3:a:f5:big\-ip_apm:15.1.3:*:*:*:*:*:*:* |
f5 | big\-ip_apm | 15.1.4 | cpe:2.3:a:f5:big\-ip_apm:15.1.4:*:*:*:*:*:*:* |
f5 | big\-ip_apm | 15.1.5 | cpe:2.3:a:f5:big\-ip_apm:15.1.5:*:*:*:*:*:*:* |
f5 | big\-ip_apm | 15.1.6 | cpe:2.3:a:f5:big\-ip_apm:15.1.6:*:*:*:*:*:*:* |
f5 | big\-ip_apm | 15.1.7 | cpe:2.3:a:f5:big\-ip_apm:15.1.7:*:*:*:*:*:*:* |
f5 | big\-ip_apm | 15.1.8 | cpe:2.3:a:f5:big\-ip_apm:15.1.8:*:*:*:*:*:*:* |