CVE-2024-28883
7.4
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
An origin validation vulnerability exists in
BIG-IP APM browser network access VPN client
for Windows, macOS and Linux which may allow an attacker to bypass F5 endpoint inspection.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| F5 | BIG-IP Edge Client | 7.2.3 < 7.2.4.4 | affected |
| F5 | BIG-IP | 17.1.0 < 17.1.1 | affected |
| F5 | BIG-IP | 16.1.0 < 16.1.4.2 | affected |
| F5 | BIG-IP | 15.1.0 < 15.1.10.3 | affected |
Weaknesses
- CWE-346: CWE-346 Origin Validation Error
ADP Enrichment
ADP Container
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.