Lucene search
HistoryFeb 01, 2023 - 6:15 p.m.
CVE-2023-22358
vulnerability
dll hijacking
big-ip edge client
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.1%
In versions beginning with 7.2.2 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client Windows Installer. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Affected configurations
Node
f5big-ip_access_policy_managerRange7.2.2–7.2.3.1clients
ORf5big-ip_access_policy_managerRange13.1.0–13.1.5
ORf5big-ip_access_policy_managerRange14.1.0–14.1.5
ORf5big-ip_access_policy_managerRange15.1.0–15.1.8
ORf5big-ip_access_policy_managerRange16.1.0–16.1.3
ORf5big-ip_access_policy_managerRange17.0.0–17.0.0.2
ORf5big-ip_edgeMatch-clientswindows
References
Related
cvelist
cvelist
CVE-2023-22358 BIG-IP Edge Client for Windows vulnerability
2023-02-01 17:54:31
nessus
nessus
cve
cve
CVE-2023-22358
2023-02-01 18:15:11
cnvd
cnvd
F5 BIG-IP Windows Edge Client client DLL hijacking vulnerability
2023-02-01 00:00:00
prion
prion
Design/Logic Flaw
2023-02-01 18:15:00
f5
f5
K000130496 : Overview of F5 vulnerabilities (February 2023)
2023-02-01 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.1%
Related for NVD:CVE-2023-22358