Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Big\-Ip_access_policy_manager_client
(F5)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 17 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-04-30 | CVE-2020-5893 | In versions 7.1.5-7.1.8, when a user connects to a VPN using BIG-IP Edge Client over an unsecure network, BIG-IP Edge Client responds to authentication requests over HTTP while sending probes for captive portal detection. | Big\-Ip_access_policy_manager, Big\-Ip_access_policy_manager_client | 3.7 | ||
| 2020-04-30 | CVE-2020-5892 | In versions 7.1.5-7.1.8, the BIG-IP Edge Client components in BIG-IP APM, Edge Gateway, and FirePass legacy allow attackers to obtain the full session ID from process memory. | Big\-Ip_access_policy_manager, Big\-Ip_access_policy_manager_client, Big\-Ip_edge_gateway | 6.7 | ||
| 2021-06-10 | CVE-2021-23022 | On version 7.2.1.x before 7.2.1.3 and 7.1.x before 7.1.9.9 Update 1, the BIG-IP Edge Client Windows Installer Service's temporary folder has weak file and folder permissions. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | Big\-Ip_access_policy_manager, Big\-Ip_access_policy_manager_client | 7.8 | ||
| 2020-05-12 | CVE-2020-5898 | In versions 7.1.5-7.1.9, BIG-IP Edge Client Windows Stonewall driver does not sanitize the pointer received from the userland. A local user on the Windows client system can send crafted DeviceIoControl requests to \\.\urvpndrv device causing the Windows kernel to crash. | Big\-Ip_access_policy_manager, Big\-Ip_access_policy_manager_client | N/A | ||
| 2020-05-12 | CVE-2020-5897 | In versions 7.1.5-7.1.9, there is use-after-free memory vulnerability in the BIG-IP Edge Client Windows ActiveX component. | Big\-Ip_access_policy_manager, Big\-Ip_access_policy_manager_client | N/A | ||
| 2020-05-12 | CVE-2020-5896 | On versions 7.1.5-7.1.9, the BIG-IP Edge Client's Windows Installer Service's temporary folder has weak file and folder permissions. | Big\-Ip_access_policy_manager, Big\-Ip_access_policy_manager_client | N/A | ||
| 2018-10-19 | CVE-2018-15316 | In F5 BIG-IP APM 13.0.0-13.1.1.1, APM Client 7.1.5-7.1.6, and/or Edge Client 7101-7160, the BIG-IP APM Edge Client component loads the policy library with user permission and bypassing the endpoint checks. | Big\-Ip_access_policy_manager, Big\-Ip_access_policy_manager_client, Big\-Ip_edge_client | 5.5 |