cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-23002,https://securityvulnerability.io/vulnerability/CVE-2021-23002,Session ID Exposure in BIG-IP APM and Edge Client by F5 Networks,"The F5 BIG-IP APM and Edge Client expose session IDs in the command arguments when launching the VPN from a web browser on Windows systems. This vulnerability affects several versions of both the BIG-IP APM and Edge Client, necessitating coordinated updates for both client and server to mitigate the risks associated with potential interception of session identifiers.",F5,Big-ip Apm And Edge Client,4.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-03-31T17:32:20.000Z,0
CVE-2019-6668,https://securityvulnerability.io/vulnerability/CVE-2019-6668,File Access Vulnerability in BIG-IP APM Edge Client for macOS by F5 Networks,"A vulnerability in the BIG-IP APM Edge Client for macOS allows unprivileged users to gain access to files that should be protected and only accessible by the root user. This issue is present in several versions of the client, making it a significant concern for users who rely on effective access controls to safeguard sensitive information. Proper mitigation steps should be taken to ensure system integrity and protect against unauthorized file access.",F5,Big-ip Apm Edge Client,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-11-27T21:47:22.000Z,0
CVE-2019-6656,https://securityvulnerability.io/vulnerability/CVE-2019-6656,Logging Vulnerability in BIG-IP APM Edge Client Affects F5 Networks,"The F5 Networks BIG-IP APM Edge Client versions prior to 7.1.8 expose sensitive information by logging full application session IDs in log files. This practice can lead to potential unauthorized access as the session IDs may reveal user session data. It is crucial for users of affected BIG-IP APM versions, including 15.0.0-15.0.1, 14.1.0-14.1.0.6, and others, to upgrade to the fixed version. Starting with BIG-IP APM version 13.1.0, the APM Client components can be updated independently from the BIG-IP software, enabling better security management.",F5,Big-ip Apm Edge Client,7.5,HIGH,0.0017800000496208668,false,,false,false,false,,,false,false,,2019-09-25T19:03:32.000Z,0
CVE-2018-15332,https://securityvulnerability.io/vulnerability/CVE-2018-15332,,The svpn component of the F5 BIG-IP APM client prior to version 7.1.7.2 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host in a race condition.,F5,"Big-ip (apm), Big-ip Apm Clients, Big-ip Edge Client",7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2018-12-06T14:00:00.000Z,0
CVE-2018-15316,https://securityvulnerability.io/vulnerability/CVE-2018-15316,,"In F5 BIG-IP APM 13.0.0-13.1.1.1, APM Client 7.1.5-7.1.6, and/or Edge Client 7101-7160, the BIG-IP APM Edge Client component loads the policy library with user permission and bypassing the endpoint checks.",F5,"Big-ip (apm),Big-ip Apm Clients,Big-ip Edge Client",5.5,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2018-10-19T13:29:00.000Z,0