Lucene search

[email protected]NVD:CVE-2024-28883

HistoryMay 08, 2024 - 3:15 p.m.

CVE-2024-28883

2024-05-0815:15:09

CWE-346

[email protected]

web.nvd.nist.gov

origin validation

big-ip apm

vpn client

endpoint inspection

vulnerability

windows

macos

linux

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON

An origin validation vulnerability exists in

BIG-IP APM browser network access VPN client

for Windows, macOS and Linux which may allow an attacker to bypass F5 endpoint inspection.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

References

my.f5.com/manage/s/article/K000138744

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for NVD:CVE-2024-28883

cvelist1 f52 vulnrichment1 nessus1 cve1