Lucene search
F5F5:K71891773HistoryMar 10, 2021 - 12:00 a.m.
K71891773 : BIG-IP APM VPN vulnerability CVE-2021-23002
2021-03-1000:00:00
my.f5.com
19
big-ip apm vpn
vulnerability
cve-2021-23002
session id
exposure
risk
f5vpn.exe
command line
attacker
privileges
process
windows system
Security Advisory Description
The session ID is visible in the arguments of the f5vpn.exe command when VPN is launched from the browser on a Windows system. Addressing this issue requires both the client and server fixes. (CVE-2021-23002)
Impact
An attacker with privileges to view the command line of the process may be able to view the session ID. If the session ID is exposed to the attacker, the attacker can use this information to launch further attacks.
Related
nvd
nvd
CVE-2021-23002
2021-03-31 18:15:15
CVE-2021-23007
2021-03-31 18:15:15
f5
f5
K23022557 : The BIG-IP system may respond with the NXDOMAIN status when it receives a DNS query of a certain type on a CNAME wide IP
2017-03-06 00:00:00
K88162221 : The BIG-IP ASM system may not properly perform signature checks on cookies
2021-02-10 00:00:00
K37451543 : TMM vulnerability CVE-2021-23007
2021-03-19 00:00:00
cve
cve
CVE-2021-23007
2021-03-31 18:15:15
CVE-2021-23002
2021-03-31 18:15:15
cvelist
cvelist
CVE-2021-23002
2021-03-31 17:32:20
CVE-2021-23007
2021-03-31 17:43:02
prion
prion
Design/Logic Flaw
2021-03-31 18:15:00
Code injection
2021-03-31 18:15:00
nessus
nessus
F5 Networks BIG-IP : BIG-IP APM VPN vulnerability (K71891773)
2021-10-28 00:00:00
F5 Networks BIG-IP : TMM vulnerability (K37451543)
2021-04-01 00:00:00