Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip access policy manager client vulnerabilities and exploits
(subscribe to this query)
436
VMScore
CVE-2020-5898
In versions 7.1.5-7.1.9, BIG-IP Edge Client Windows Stonewall driver does not sanitize the pointer received from the userland. A local user on the Windows client system can send crafted DeviceIoControl requests to \\.\urvpndrv device causing the Windows kernel to crash.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
641
VMScore
CVE-2018-5546
The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. A malicious local unprivileged user may ...
F5 Big-ip Access Policy Manager Client
F5 Big-ip Access Policy Manager
641
VMScore
CVE-2021-23022
On version 7.2.1.x prior to 7.2.1.3 and 7.1.x prior to 7.1.9.9 Update 1, the BIG-IP Edge Client Windows Installer Service's temporary folder has weak file and folder permissions. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
383
VMScore
CVE-2020-5893
In versions 7.1.5-7.1.8, when a user connects to a VPN using BIG-IP Edge Client over an unsecure network, BIG-IP Edge Client responds to authentication requests over HTTP while sending probes for captive portal detection.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
409
VMScore
CVE-2020-5896
On versions 7.1.5-7.1.9, the BIG-IP Edge Client's Windows Installer Service's temporary folder has weak file and folder permissions.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
446
VMScore
CVE-2022-23032
In all versions prior to 7.2.1.4, when proxy settings are configured in the network access resource of a BIG-IP APM system, connecting BIG-IP Edge Client on Mac and Windows is vulnerable to a DNS rebinding attack. Note: Software versions which have reached End of Technical Suppor...
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
409
VMScore
CVE-2020-5892
In versions 7.1.5-7.1.8, the BIG-IP Edge Client components in BIG-IP APM, Edge Gateway, and FirePass legacy allow malicious users to obtain the full session ID from process memory.
F5 Big-ip Access Policy Manager
F5 Big-ip Edge Gateway
F5 Big-ip Access Policy Manager Client
409
VMScore
CVE-2022-29263
On F5 BIG-IP APM 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions before 7.2.1.5, the BIG-IP Edge Client Component...
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 11.6.1
F5 Big-ip Access Policy Manager 13.1.0
F5 Big-ip Access Policy Manager 14.1.0
F5 Big-ip Access Policy Manager 15.1.0
F5 Big-ip Access Policy Manager 14.1.4
F5 Big-ip Access Policy Manager 16.1.0
F5 Big-ip Access Policy Manager 17.0.0
F5 Big-ip Access Policy Manager 16.1.2
F5 Big-ip Access Policy Manager 16.1.1
F5 Big-ip Access Policy Manager 15.1.5
F5 Big-ip Access Policy Manager 15.1.4
F5 Big-ip Access Policy Manager 15.1.3
F5 Big-ip Access Policy Manager 15.1.2
F5 Big-ip Access Policy Manager 15.1.1
F5 Big-ip Access Policy Manager 14.1.3
F5 Big-ip Access Policy Manager 14.1.2
F5 Big-ip Access Policy Manager 13.1.5
F5 Big-ip Access Policy Manager 13.1.4
F5 Big-ip Access Policy Manager 13.1.3
392
VMScore
CVE-2013-6024
The Edge Client components in F5 BIG-IP APM 10.x, 11.x, 12.x, 13.x, and 14.x, BIG-IP Edge Gateway 10.x and 11.x, and FirePass 7.0.0 allow malicious users to obtain sensitive information from process memory via unspecified vectors.
F5 Big-ip Access Policy Manager 10.2.4
F5 Big-ip Access Policy Manager 11.0.0
F5 Big-ip Access Policy Manager 11.1.0
F5 Firepass 6.1.0
F5 Firepass 6.0.0
F5 Big-ip Access Policy Manager 10.1.0
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager 11.2.0
F5 Big-ip Edge Gateway 10.2.4
F5 Big-ip Edge Gateway 11.0.0
F5 Big-ip Edge Gateway 11.5.0
F5 Big-ip Edge Gateway 10.1.0
F5 Big-ip Access Policy Manager 11.3.0
F5 Firepass 7.0.0
NA
CVE-2023-5450
An insufficient verification of data vulnerability exists in BIG-IP Edge Client Installer on macOS that may allow an attacker elevation of privileges during the installation process. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 17.1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5841
file upload
man-in-the-middle
arbitrary
CVE-2024-27801
CVE-2024-28020
CVE-2024-30080
CVE-2024-30069
CVE-2024-5843
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »