Lucene search
HistoryMay 03, 2023 - 3:15 p.m.
CVE-2023-22372
pre connection stage
enforcement
vulnerability
big-ip edge client
windows
mac os
software
eots
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
0.001 Low
EPSS
Percentile
19.4%
In the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows and Mac OS. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Affected configurations
Node
f5big-ip_access_policy_managerRange7.2.2–7.2.4.1
ORf5big-ip_access_policy_managerRange13.1.0–13.1.5
ORf5big-ip_access_policy_managerRange14.1.0–14.1.5
ORf5big-ip_access_policy_managerRange15.1.0–15.1.8
ORf5big-ip_access_policy_managerRange16.1.0–16.1.3
ORf5big-ip_access_policy_managerRange17.0.0–17.1.0
applemacosMatch-
ORmicrosoftwindowsMatch-
References
Related
cvelist
cvelist
CVE-2023-22372 BIG-IP Edge Client for Windows and Mac OS vulnerability
2023-05-03 14:30:55
f5
f5
K000132522 : BIG-IP Edge Client for Windows and macOS vulnerability CVE-2023-22372
2023-05-03 00:00:00
K000133251 : Overview of F5 vulnerabilities (May 2023)
2023-05-03 00:00:00
nessus
nessus
prion
prion
Code injection
2023-05-03 15:15:00
cve
cve
CVE-2023-22372
2023-05-03 15:15:11
cnvd
cnvd
F5 BIG-IP Edge Client for Windows and macOS Security Bypass Vulnerability
2023-05-09 00:00:00
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
0.001 Low
EPSS
Percentile
19.4%
Related for NVD:CVE-2023-22372