U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:f5:big-ip_access_policy_manager:7.2.3:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 5 matching records.
Displaying matches 1 through 5.
Vuln ID Summary CVSS Severity
CVE-2023-5450

An insufficient verification of data vulnerability exists in BIG-IP Edge Client Installer on macOS that may allow an attacker elevation of privileges during the installation process.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Published: October 10, 2023; 9:15:22 AM -0400
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-43611

The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process.  This vulnerability is due to an incomplete fix for CVE-2023-38418.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Published: October 10, 2023; 9:15:21 AM -0400
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-24461

An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows and macOS and may allow an attacker to impersonate a BIG-IP APM system.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Published: May 03, 2023; 11:15:12 AM -0400
V3.1: 5.9 MEDIUM
V2.0:(not available)
CVE-2023-22372

In the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows and Mac OS.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Published: May 03, 2023; 11:15:11 AM -0400
V3.1: 5.9 MEDIUM
V2.0:(not available)
CVE-2015-4040

Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors.

Published: September 17, 2015; 12:59:01 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM