Lucene search
K

224 matches found

CNNVD
CNNVD
added 2023/05/03 12:0 a.m.5 views

F5 BIG-IP Edge Gateway 安全漏洞

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A security bypass vulnerability exists in the F5 BIG-IP Edge Client for Windows and macOS, which can be exploited by an attack...

5.9CVSS6.7AI score0.00219EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/05/03 12:0 a.m.4 views

F5 BIG-IP Edge Gateway 信任管理问题漏洞

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A security bypass vulnerability exists in F5 BIG-IP Edge Client for Windows and macOS, which stems from incorrect certificate...

7.4CVSS6.7AI score0.00286EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/05/03 12:0 a.m.1 views

PT-2023-19621 · F5 · Big-Ip Edge Client

Name of the Vulnerable Software and Affected Versions: BIG-IP Edge Client for Windows and macOS affected versions not specified Description: An improper certificate validation issue exists and may allow an attacker to impersonate a BIG-IP APM system. Recommendations: At the moment, there is no...

7.4CVSS5.9AI score0.00286EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/04/14 12:0 a.m.23 views

F5 BIG-IP Edge Client Windows Component Installer 7.2.x < 7.2.3.1 DLL Hijacking (K07143733)

The version of the Big-IP Edge Client Windows Component Installer installed on the remote Windows host is 7.2.2.x or 7.2.3.x before 7.2.3.1. It is, therefore, affected by a DLL hijacking vulnerability exists in the BIG-IP Edge Client for Windows. User interaction and administrative privileges are...

6.5CVSS6.6AI score0.00197EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/14 12:0 a.m.24 views

F5 Networks BIG-IP : BIG-IP Edge Client for Windows vulnerability (K76964818)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.8.2 / 16.1.3.4 / 17.0.0.2 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K76964818 advisory. A DLL hijacking vulnerability exists in the BIG-IP Edge Client Windows Installer.CVE-2023-2235...

7.8CVSS7.4AI score0.00217EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2023/02/21 8:2 p.m.31 views

K51220077: BIG-IP APM Edge Client vulnerability CVE-2018-15316

Security Advisory Description The BIG-IP APM Edge Client component loads the policy library with user permission and bypassing the endpoint checks. CVE-2018-15316 Impact A malicious user can exploit this vulnerability on the APM Edge Client by injecting a library file which will be loaded by the...

5.5CVSS5.5AI score0.00592EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2023/02/21 8:2 p.m.56 views

K57110035: BIG-IP APM Edge Client for Windows logging vulnerability CVE-2022-27636

Security Advisory Description BIG-IP Edge Client may log sensitive APM session-related information when VPN is launched on a Windows system. CVE-2022-27636 Impact An attacker with privileges on the Windows system can view the logged sensitive APM session-related information. Security Advisory...

5.5CVSS5.3AI score0.00224EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2023/02/21 6:54 p.m.23 views

K20346072: BIG-IP Edge Client for Windows vulnerability CVE-2020-5897

Security Advisory Description A use-after-free memory vulnerability exists in the BIG-IP Edge Client Windows ActiveX component. CVE-2020-5897 Impact This vulnerability allows an attacker to trigger memory corruption to the browser or execute code from the browser when the attacker crafts a...

8.8CVSS6.9AI score0.01202EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2023/02/21 6:54 p.m.26 views

K15478554: BIG-IP Edge Client for Windows vulnerability CVE-2020-5896

Security Advisory Description The BIG-IP Edge Client Windows Installer Service's temporary folder has weak file and folder permissions, and allows execution of signed .exe and MSI files. CVE-2020-5896 Impact This vulnerability can be exploited to allow an unprivileged user to gain privilege...

7.8CVSS6.8AI score0.00284EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2023/02/21 6:53 p.m.71 views

K55102004: BIG-IP Edge Client for Windows vulnerability CVE-2020-5855

Security Advisory Description When the Windows Logon Integration feature is configured for BIG-IP Edge Client, unauthorized users who have physical access to an authorized user's machine can get shell access under unprivileged user. CVE-2020-5855 Impact Attackers may be able to bypass...

4.6CVSS5.6AI score0.00329EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2023/02/21 6:48 p.m.28 views

K15838353: BIG-IP Edge Client for Windows vulnerability CVE-2020-5892

Security Advisory Description The BIG-IP Edge Client components in BIG-IP APM, Edge Gateway, and FirePass legacy allow attackers to obtain the full session ID from process memory. CVE-2020-5892 Impact An attacker with sufficient local privileges on a client machine running Windows may be able to...

6.7CVSS6.3AI score0.00306EPSS
Exploits0Affected Software3
F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.126 views

K33552735: BIG-IP Edge Client for Windows vulnerability CVE-2022-29263

Security Advisory Description The BIG-IP Edge Client Component Installer Service does not use best practice while saving temporary files. CVE-2022-29263 Impact This vulnerability can be exploited to allow a low privileged attacker to gain privilege escalation on the client Windows system. Securit...

7.8CVSS7.5AI score0.002EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2023/02/21 6:46 p.m.35 views

K14969: BIG-IP Edge and FirePass client information leakage vulnerability CVE-2013-6024

Security Advisory Description The Edge Client components in F5 BIG-IP APM, BIG-IP Edge Gateway, and FirePass allow attackers to obtain sensitive information from process memory via unspecified vectors. CVE-2013-6024 Impact An attacker with sufficient local privileges on a client machine running...

4.4CVSS6.6AI score0.00357EPSS
Exploits0Affected Software3
F5 Networks
F5 Networks
added 2023/02/21 6:46 p.m.62 views

K08503505: BIG-IP Edge Client for Windows vulnerability CVE-2021-23022

Security Advisory Description The BIG-IP Edge Client Windows Installer Service's temporary folder has weak file and folder permissions. CVE-2021-23022 Impact This vulnerability can be exploited to allow an unprivileged user to run a specially crafted application to gain privilege escalation on th...

7.8CVSS7.8AI score0.00228EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.34 views

K06635145: BIG-IP Edge Client session ID vulnerability

Security Advisory Description BIG-IP Edge Client exposes the current session ID as part of the request URI when sending Keep-Alive' requests over an SSL channel. This approach can lead to exploit vulnerabilities in man-in-the-middle MITM SSL terminating proxies, which log the complete URI in thei...

6.5AI score
Exploits0Affected Software3
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.27 views

K97733133: BIG-IP APM Edge Client vulnerability CVE-2020-5893

Security Advisory Description When a user connects to a VPN using BIG-IP Edge Client over an unsecure network, BIG-IP Edge Client responds to authentication requests over HTTP while sending probes for captive portal detection. CVE-2020-5893 Impact An attacker can use a man-in-the-middle MITM atta...

4.3CVSS4.9AI score0.00561EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.32 views

K67501282: Overview of F5 vulnerabilities (June 2021)

Security Advisory Description On June 1, 2021, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities to help determine the impact to your F5 devices. You can find the details of each issue in the associated Security Advisory article...

9CVSS7.2AI score0.05346EPSS
Exploits3
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.28 views

K69154630: BIG-IP Edge Client for Windows vulnerability CVE-2020-5898

Security Advisory Description The BIG-IP Edge Client Windows Stonewall driver does not sanitize the pointer received from the userland. A local user on the Windows client system can send crafted DeviceIoControl requests to a \\.\urvpndrv device causing the Windows kernel to crash. CVE-2020-5898...

5.5CVSS5.4AI score0.00261EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2023/02/21 6:34 p.m.45 views

K30525503: BIG-IP APM Edge Client proxy vulnerability CVE-2022-23032

Security Advisory Description When proxy settings are configured in the network access resource of a BIG-IP APM system, connecting BIG-IP Edge Client on Mac and Windows is vulnerable to a DNS rebinding attack. CVE-2022-23032 Impact DNS rebinding allows external attackers to bypass the same-origin...

5.3CVSS5.5AI score0.00404EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2023/02/21 6:26 p.m.39 views

K33757590: BIG-IP Edge Client for Windows vulnerability CVE-2021-23023

Security Advisory Description A DLL hijacking issue exists in cachecleaner.dll included in the BIG-IP Edge Client Windows Installer. CVE-2021-23023 Impact This vulnerability may be exploited to allow an unprivileged user to use a malicious DLL to gain privilege escalation on the client Windows...

7.8CVSS7.8AI score0.003EPSS
Exploits0Affected Software2
Rows per page
Query Builder