Design/Logic Flaw

2023-02-0118:15:00

PRIOn knowledge base

www.prio-n.com

dll hijacking

big-ip edge client

windows

vulnerability

administrative privileges

0.0004 Low

EPSS

Percentile

9.1%

JSON

On versions beginning in 7.1.5 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client for Windows. User interaction and administrative privileges are required to exploit this vulnerability because the victim user needs to run the executable on the system and the attacker requires administrative privileges for modifying the files in the trusted search path. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CPENameOperatorVersion
big-ip_access_policy_managerge13.1.0
big-ip_access_policy_managerle13.1.5
big-ip_access_policy_managerge14.1.0
big-ip_access_policy_managerle14.1.5
big-ip_access_policy_managerge15.1.0
big-ip_access_policy_managerle15.1.8
big-ip_access_policy_managerge16.1.0
big-ip_access_policy_managerle16.1.3
big-ip_access_policy_managerge17.0.0
big-ip_access_policy_managerlt17.0.0.2

Name	Operator	Version
big-ip_access_policy_manager	ge	13.1.0
big-ip_access_policy_manager	le	13.1.5
big-ip_access_policy_manager	ge	14.1.0
big-ip_access_policy_manager	le	14.1.5
big-ip_access_policy_manager	ge	15.1.0
big-ip_access_policy_manager	le	15.1.8
big-ip_access_policy_manager	ge	16.1.0
big-ip_access_policy_manager	le	16.1.3
big-ip_access_policy_manager	ge	17.0.0
big-ip_access_policy_manager	lt	17.0.0.2

Rows per page:

1-10 of 121

References

my.f5.com/manage/s/article/K07143733

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for PRION:CVE-2023-22283