3 matches found
K71891773: BIG-IP APM VPN vulnerability CVE-2021-23002
Security Advisory Description The session ID is visible in the arguments of the f5vpn.exe command when VPN is launched from the browser on a Windows system. Addressing this issue requires both the client and server fixes. CVE-2021-23002 Impact An attacker with privileges to view the command line ...
F5 Networks BIG-IP : BIG-IP APM VPN vulnerability (K71891773)
The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.6 / 14.1.4 / 15.1.2.1 / 16.0.1.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K71891773 advisory. - When using BIG-IP APM 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before...
CVE-2021-23002
The CVE-2021-23002 entry is supported by connected documents: BIG-IP APM and APM Client are affected; the issue exposes the session ID in the f5vpn.exe command line when VPN is launched from a browser on Windows. Root cause: session ID leakage in the VPN workflow across multiple BIG-IP release li...