When a user connects to a VPN using BIG-IP Edge Client over an insecure network, BIG-IP Edge Client responds to authentication requests over HTTP while sending probes for captive portal detection. (CVE-2020-5893)
Impact
An attacker can use a man-in-the-middle (MITM) attack by deploying a malicious captive portal to exploit this vulnerability to obtain the encrypted NT LAN Manager (NTLM) challenge response. This can be used to carry out brute-force dictionary attacks or NTLM relay attacks if the attacker has access to the Active Directory network.
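As an added example, not part of this advisory or of any F5 tooling, the following Python detector illustrates the failure mode described above from the monitoring side: it parses `Authorization: NTLM` headers seen in HTTP requests, distinguishes a negotiate (type 1) token from an authenticate (type 3) token that carries the challenge response, and flags any type 3 token sent over plaintext HTTP or to a host outside an assumed allow list. The allow-listed host, captive portal hostname, flag constant and dummy response bytes are constructed placeholders.

```python
import base64
import struct

CORPORATE_HOSTS = {"vpn.example.com"}  # assumed allow list (placeholder): NTLM over TLS is expected here
NTLM_FLAGS = 0x00088205  # UNICODE | REQUEST_TARGET | NTLM | ALWAYS_SIGN | EXTENDED_SESSIONSECURITY
# Constructed minimal NEGOTIATE_MESSAGE (type 1): flags plus empty domain/workstation descriptors.
TYPE1 = b"NTLMSSP\x00" + struct.pack("<II", 1, NTLM_FLAGS) + struct.pack("<HHI", 0, 0, 32) * 2

def build_type3(domain: str, user: str) -> bytes:
    """Constructed AUTHENTICATE_MESSAGE (type 3) with dummy LM/NT responses, sample input only."""
    blobs = (b"\x00" * 24, b"\x11" * 24, domain.encode("utf-16-le"),  # LM, NT, domain,
             user.encode("utf-16-le"), b"", b"")                          # user, workstation, key
    header_len = 12 + 8 * len(blobs) + 4          # signature, type, six field descriptors, flags
    fields, payload = b"", b""
    for blob in blobs:                            # each descriptor: Len, MaxLen, BufferOffset
        fields += struct.pack("<HHI", len(blob), len(blob), header_len + len(payload))
        payload += blob
    return b"NTLMSSP\x00" + struct.pack("<I", 3) + fields + struct.pack("<I", NTLM_FLAGS) + payload

def parse_ntlm_token(token_b64: str) -> "dict | None":
    """Decode an NTLMSSP token; for type 3 also recover domain, user and NT response length."""
    raw = base64.b64decode(token_b64)
    if len(raw) < 12 or not raw.startswith(b"NTLMSSP\x00"):
        return None
    info = {"type": struct.unpack_from("<I", raw, 8)[0]}
    if info["type"] == 3 and len(raw) >= 64:
        def field(idx):                           # descriptor idx: 0 LM, 1 NT, 2 domain, 3 user
            ln, _, off = struct.unpack_from("<HHI", raw, 12 + 8 * idx)
            return raw[off:off + ln]
        info["domain"] = field(2).decode("utf-16-le", "replace")
        info["user"] = field(3).decode("utf-16-le", "replace")
        info["nt_response_len"] = len(field(1))   # 24 bytes = NTLMv1-sized, longer = NTLMv2
    return info

def find_ntlm_leaks(requests):
    """Alert on type 3 tokens sent over plaintext HTTP or to hosts outside the allow list."""
    alerts = []
    for scheme, host, auth in requests:
        info = parse_ntlm_token(auth[5:]) if auth.startswith("NTLM ") else None
        if info and info["type"] == 3 and (scheme != "https" or host not in CORPORATE_HOSTS):
            alerts.append((host, info["domain"], info["user"]))
    return alerts

ntlm_header = lambda msg: "NTLM " + base64.b64encode(msg).decode()  # Authorization header value

SAMPLE_REQUESTS = [  # constructed (scheme, host, Authorization header value)
    ("https", "vpn.example.com", ntlm_header(build_type3("CORP", "alice"))),         # legitimate
    ("http", "captive.hotspot.invalid", ntlm_header(TYPE1)),                         # negotiate only
    ("http", "captive.hotspot.invalid", ntlm_header(build_type3("CORP", "alice"))),  # leaked response
]
```

Run against the constructed sample, `find_ntlm_leaks(SAMPLE_REQUESTS)` reports only the third request, which is the shape of traffic a captive-portal MITM elicits from an affected client.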