Published: 05/05/2022 Updated: 12/05/2022

CVSS v2 Base Score: 4.4 | Impact Score: 6.4 | Exploitability Score: 3.4

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 392

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

On F5 BIG-IP APM 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions before 7.2.1.5, a DLL Hijacking vulnerability exists in the BIG-IP Edge Client Windows Installer. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Vulnerable Product	Search on Vulmon	Subscribe to Product
f5 big-ip access policy manager 12.1.2
f5 big-ip access policy manager 12.1.1
f5 big-ip access policy manager 12.1.0
f5 big-ip access policy manager 11.6.1
f5 big-ip access policy manager 13.1.0
f5 big-ip access policy manager client 7.1.7
f5 big-ip access policy manager client 7.1.6
f5 big-ip access policy manager client 7.1.6.1
f5 big-ip access policy manager 14.1.0
f5 big-ip access policy manager 15.1.0
f5 big-ip access policy manager 12.1.4
f5 big-ip access policy manager 12.1.5
f5 big-ip access policy manager 12.1.6
f5 big-ip access policy manager 13.1.1
f5 big-ip access policy manager 13.1.3
f5 big-ip access policy manager 13.1.4
f5 big-ip access policy manager 13.1.5
f5 big-ip access policy manager 14.1.2
f5 big-ip access policy manager 14.1.3
f5 big-ip access policy manager 14.1.4
f5 big-ip access policy manager 15.1.1
f5 big-ip access policy manager 15.1.2
f5 big-ip access policy manager 15.1.3
f5 big-ip access policy manager 15.1.4
f5 big-ip access policy manager 15.1.5
f5 big-ip access policy manager 16.1.0
f5 big-ip access policy manager 16.1.1
f5 big-ip access policy manager 16.1.2
f5 big-ip access policy manager 17.0.0
f5 big-ip access policy manager client 7.2.1
f5 big-ip access policy manager 11.6.2
f5 big-ip access policy manager 11.6.3
f5 big-ip access policy manager 11.6.4
f5 big-ip access policy manager 11.6.5
f5 big-ip access policy manager 12.1.3
f5 big-ip access policy manager client 7.1.5
f5 big-ip access policy manager client 7.1.8
f5 big-ip access policy manager client 7.1.8.2
f5 big-ip access policy manager client 7.1.9

CWE-427 https://support.f5.com/csp/article/K54460845 https://nvd.nist.gov

CVE-2022-28714

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect