Access Policy Manager Clients F5 Networks Access Policy Manager Clients

Do you want an email whenever new security vulnerabilities are reported in F5 Networks Access Policy Manager Clients?

By the Year

In 2022 there have been 1 vulnerability in F5 Networks Access Policy Manager Clients with an average score of 7.8 out of ten. Last year Access Policy Manager Clients had 2 security vulnerabilities published. At the current rates, it appears that the number of vulnerabilities last year and this year may equal out. However, the average CVE base score of the vulnerabilities in 2022 is greater by 1.65.

Year Vulnerabilities Average Score
2022 1 7.80
2021 2 6.15
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Access Policy Manager Clients vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent F5 Networks Access Policy Manager Clients Security Vulnerabilities

On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2

CVE-2022-29263 7.8 - High - May 05, 2022

On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions prior to 7.2.1.5, the BIG-IP Edge Client Component Installer Service does not use best practice while saving temporary files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Incorrect Permission Assignment for Critical Resource

When using BIG-IP APM 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, or all 12.1.x and 11.6.x versions or Edge Client versions 7.2.1.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, or 7.1.8.x before 7.1.8.5, the session ID is visible in the arguments of the f5vpn.exe command when VPN is launched

CVE-2021-23002 4.5 - Medium - March 31, 2021

When using BIG-IP APM 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, or all 12.1.x and 11.6.x versions or Edge Client versions 7.2.1.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, or 7.1.8.x before 7.1.8.5, the session ID is visible in the arguments of the f5vpn.exe command when VPN is launched from the browser on a Windows system. Addressing this issue requires both the client and server fixes. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.

In Edge Client version 7.2.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, and 7.1.x-7.1.8.x before 7.1.8.5, an untrusted search path vulnerability in the BIG-IP APM Client Troubleshooting Utility (CTU) for Windows could

CVE-2021-22980 7.8 - High - February 12, 2021

In Edge Client version 7.2.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, and 7.1.x-7.1.8.x before 7.1.8.5, an untrusted search path vulnerability in the BIG-IP APM Client Troubleshooting Utility (CTU) for Windows could allow an attacker to load a malicious DLL library from its current directory. User interaction is required to exploit this vulnerability in that the victim must run this utility on the Windows system. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.

Untrusted Path

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for F5 Networks Access Policy Manager Clients or by F5 Networks? Click the Watch button to subscribe.

F5 Networks
Vendor

subscribe