Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

f5 big-ip edge client vulnerabilities and exploits

(subscribe to this query)
2.1
CVSSv2
CVE-2018-15316
In F5 BIG-IP APM 13.0.0-13.1.1.1, APM Client 7.1.5-7.1.6, and/or Edge Client 7101-7160, the BIG-IP APM Edge Client component loads the policy library with user permission and bypassing the endpoint checks.
F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager ClientF5 Big-ip Edge Client
4.6
CVSSv2
CVE-2020-5892
In versions 7.1.5-7.1.8, the BIG-IP Edge Client components in BIG-IP APM, Edge Gateway, and FirePass legacy allow malicious users to obtain the full session ID from process memory.
F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager ClientF5 Big-ip Edge Gateway
4.4
CVSSv2
CVE-2013-6024
The Edge Client components in F5 BIG-IP APM 10.x, 11.x, 12.x, 13.x, and 14.x, BIG-IP Edge Gateway 10.x and 11.x, and FirePass 7.0.0 allow malicious users to obtain sensitive information from process memory via unspecified vectors.
F5 Big-ip Edge Gateway 10.1.0F5 Big-ip Edge Gateway 10.2.4F5 Big-ip Access Policy Manager 11.0.0F5 Firepass 6.0.0F5 Firepass 6.1.0F5 Big-ip Access Policy Manager 11.2.0F5 Big-ip Access Policy Manager 11.2.1F5 Big-ip Access Policy Manager 10.2.4F5 Big-ip Access Policy Manager 11.1.0F5 Big-ip Access Policy Manager 11.3.0F5 Big-ip Access Policy Manager 10.1.0F5 Big-ip Edge Gateway 11.0.0F5 Big-ip Edge Gateway 11.5.0F5 Firepass 7.0.0
4.4
CVSSv2
CVE-2022-28714
On F5 BIG-IP APM 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions before 7.2.1.5, a DLL Hijacking vulnerability ex...
F5 Big-ip Access Policy Manager 12.1.2F5 Big-ip Access Policy Manager 12.1.1F5 Big-ip Access Policy Manager 12.1.0F5 Big-ip Access Policy Manager 11.6.1F5 Big-ip Access Policy Manager 13.1.0F5 Big-ip Access Policy Manager Client 7.1.7F5 Big-ip Access Policy Manager Client 7.1.6F5 Big-ip Access Policy Manager Client 7.1.6.1F5 Big-ip Access Policy Manager 14.1.0F5 Big-ip Access Policy Manager 15.1.0F5 Big-ip Access Policy Manager 12.1.4F5 Big-ip Access Policy Manager 12.1.5F5 Big-ip Access Policy Manager 12.1.6F5 Big-ip Access Policy Manager 13.1.1F5 Big-ip Access Policy Manager 13.1.3F5 Big-ip Access Policy Manager 13.1.4F5 Big-ip Access Policy Manager 13.1.5F5 Big-ip Access Policy Manager 14.1.2F5 Big-ip Access Policy Manager 14.1.3F5 Big-ip Access Policy Manager 14.1.4F5 Big-ip Access Policy Manager 15.1.1F5 Big-ip Access Policy Manager 15.1.2
NA
CVE-2023-22358
In versions beginning with 7.2.2 to prior to 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client Windows Installer. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-ip Access Policy ManagerF5 Big-ip Edge -
4.3
CVSSv2
CVE-2020-5893
In versions 7.1.5-7.1.8, when a user connects to a VPN using BIG-IP Edge Client over an unsecure network, BIG-IP Edge Client responds to authentication requests over HTTP while sending probes for captive portal detection.
F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager Client
NA
CVE-2023-22283
On versions beginning in 7.1.5 to prior to 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client for Windows. User interaction and administrative privileges are required to exploit this vulnerability because the victim user needs to run the executable on the sys...
F5 Big-ip Access Policy ManagerF5 Big-ip Edge -
4.6
CVSSv2
CVE-2020-5896
On versions 7.1.5-7.1.9, the BIG-IP Edge Client's Windows Installer Service's temporary folder has weak file and folder permissions.
F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager Client
6.8
CVSSv2
CVE-2020-5897
In versions 7.1.5-7.1.9, there is use-after-free memory vulnerability in the BIG-IP Edge Client Windows ActiveX component.
F5 Big-ip Access Policy ManagerF5 Big-ip Access Policy Manager Client
5
CVSSv2
CVE-2018-5502
On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. This vulnerability affects virtual servers associated with Client SSL profile which enables the use of client certificate authentic...
F5 Big-ip Local Traffic ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip Edge GatewayF5 Big-ip Link ControllerF5 Big-ip WebacceleratorF5 Big-ip AnalyticsF5 Big-ip Access Policy ManagerF5 Big-ip Application Security ManagerF5 Big-ip Domain Name SystemF5 Big-ip Websafe 1.0.0F5 Big-ip Application Acceleration ManagerF5 Big-ip Global Traffic ManagerF5 Big-ip Policy Enforcement Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581reflected XSSCVE-2024-26925CVE-2024-27956LFICVE-2024-3607CVE-2024-3107CVE-2024-3295SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook