Big-ip Access Policy Manager Client Security Vulnerabilities and Issues — Big-ip Access Policy Manager Client CVE List

Lucene search

F5Big-ip Access Policy Manager Client

8 matches found

CVE•added 2022/05/05 5:15 p.m.•113 views

CVE-2022-28714

On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions prior to 7.2.1.5, a DLL Hijacking vulnerability exists in t...

7.8CVSS7.6AI score0.00567EPSS

CVE•added 2021/06/10 4:15 p.m.•68 views

CVE-2021-23022

On version 7.2.1.x before 7.2.1.3 and 7.1.x before 7.1.9.9 Update 1, the BIG-IP Edge Client Windows Installer Service's temporary folder has weak file and folder permissions. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.8CVSS7.6AI score0.00137EPSS

CVE•added 2018/08/17 1:0 p.m.•59 views

CVE-2018-5546

The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. A malicious local unprivileged user may gain knowledge of s...

7.8CVSS7.4AI score0.00127EPSS

CVE•added 2023/09/27 4:21 p.m.•56 views

CVE-2023-43124

BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

7.1CVSS6AI score0.00079EPSS

CVE•added 2018/12/06 2:0 p.m.•53 views

CVE-2018-15332

The svpn component of the F5 BIG-IP APM client prior to version 7.1.7.2 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host in a race condition.

7CVSS6.5AI score0.00123EPSS

CVE•added 2020/05/12 4:15 p.m.•46 views

CVE-2020-5896

On versions 7.1.5-7.1.9, the BIG-IP Edge Client's Windows Installer Service's temporary folder has weak file and folder permissions.

7.8CVSS7.6AI score0.00062EPSS

CVE•added 2019/09/25 8:15 p.m.•41 views

CVE-2019-6656

BIG-IP APM Edge Client before version 7.1.8 (7180.2019.508.705) logs the full apm session ID in the log files. Vulnerable versions of the client are bundled with BIG-IP APM versions 15.0.0-15.0.1, 14,1.0-14.1.0.6, 14.0.0-14.0.0.4, 13.0.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5. In BIG-IP APM 13....

7.5CVSS7.5AI score0.00537EPSS

CVE•added 2018/08/17 1:0 p.m.•38 views

CVE-2018-5547

Windows Logon Integration feature of F5 BIG-IP APM client prior to version 7.1.7.1 for Windows by default uses Legacy logon mode which uses a SYSTEM account to establish network access. This feature displays a certificate user interface dialog box which contains the link to the certificate policy. ...

7.8CVSS7.5AI score0.00132EPSS