K51220077 : BIG-IP APM Edge Client vulnerability CVE-2018-15316

2018-10-1700:00:00

my.f5.com

0.001 Low

EPSS

Percentile

20.4%

JSON

Security Advisory Description

The BIG-IP APM Edge Client component loads the policy library with user permission and bypassing the endpoint checks. (CVE-2018-15316)

Impact

A malicious user can exploit this vulnerability on the APM Edge Client by injecting a library file which will be loaded by the policy server and bypass the endpoint checks. The endpoint inspection component for Mac OS X and Linux platforms are vulnerable to this issue.

CPENameOperatorVersion
big-iq centralized managementeq4.6.0
big-iq centralized managementeq5.0.0
big-iq centralized managementeq5.1.0
big-iq centralized managementeq5.2.0
big-iq centralized managementeq5.3.0
big-iq centralized managementeq5.4.0
big-iq centralized managementeq6.0.0
big-iq centralized managementeq6.0.1
big-ip afmeq11.5.1
big-ip afmeq11.5.2

Name	Operator	Version
big-iq centralized management	eq	4.6.0
big-iq centralized management	eq	5.0.0
big-iq centralized management	eq	5.1.0
big-iq centralized management	eq	5.2.0
big-iq centralized management	eq	5.3.0
big-iq centralized management	eq	5.4.0
big-iq centralized management	eq	6.0.0
big-iq centralized management	eq	6.0.1
big-ip afm	eq	11.5.1
big-ip afm	eq	11.5.2

Rows per page:

1-10 of 1941

0.001 Low

EPSS

Percentile

20.4%

JSON

Related for F5:K51220077