Security Advisory Description
An open redirect vulnerability exists on virtual servers enabled with a BIG-IP APM access policy. This vulnerability allows an unauthenticated malicious attacker to build an open redirect URI. (CVE-2023-22418)
Impact
An unauthenticated attacker can create an open redirect URI with a specially crafted value and trick BIG-IP APM users into visiting the crafted URI. Victims may be redirected to a malicious website by following the misleading URI.