cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-28714,https://securityvulnerability.io/vulnerability/CVE-2022-28714,,"On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions prior to 7.2.1.5, a DLL Hijacking vulnerability exists in the BIG-IP Edge Client Windows Installer. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated",F5,"Big-ip Apm,Big-ip Apm Clients",7.3,HIGH,0.0006300000241026282,false,false,false,false,,false,false,2022-05-05T17:15:00.000Z,0
CVE-2022-29263,https://securityvulnerability.io/vulnerability/CVE-2022-29263,,"On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions prior to 7.2.1.5, the BIG-IP Edge Client Component Installer Service does not use best practice while saving temporary files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated",F5,"Big-ip Apm,Big-ip Apm Clients",7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2022-05-05T17:15:00.000Z,0
CVE-2022-27636,https://securityvulnerability.io/vulnerability/CVE-2022-27636,,"On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions prior to 7.2.1.5, BIG-IP Edge Client may log sensitive APM session-related information when VPN is launched on a Windows system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated",F5,"Big-ip Apm,Big-ip Apm Clients",5.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2022-05-05T17:15:00.000Z,0
CVE-2021-23002,https://securityvulnerability.io/vulnerability/CVE-2021-23002,,"When using BIG-IP APM 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, or all 12.1.x and 11.6.x versions or Edge Client versions 7.2.1.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, or 7.1.8.x before 7.1.8.5, the session ID is visible in the arguments of the f5vpn.exe command when VPN is launched from the browser on a Windows system. Addressing this issue requires both the client and server fixes. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.",F5,Big-ip Apm And Edge Client,4.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2021-03-31T17:32:20.000Z,0
CVE-2019-6668,https://securityvulnerability.io/vulnerability/CVE-2019-6668,,"The BIG-IP APM Edge Client for macOS bundled with BIG-IP APM 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5 may allow unprivileged users to access files owned by root.",F5,Big-ip Apm Edge Client,5.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2019-11-27T21:47:22.000Z,0
CVE-2019-6656,https://securityvulnerability.io/vulnerability/CVE-2019-6656,,"BIG-IP APM Edge Client before version 7.1.8 (7180.2019.508.705) logs the full apm session ID in the log files. Vulnerable versions of the client are bundled with BIG-IP APM versions 15.0.0-15.0.1, 14,1.0-14.1.0.6, 14.0.0-14.0.0.4, 13.0.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5. In BIG-IP APM 13.1.0 and later, the APM Clients components can be updated independently from BIG-IP software. Client version 7.1.8 (7180.2019.508.705) and later has the fix.",F5,Big-ip Apm Edge Client,7.5,HIGH,0.0017800000496208668,false,false,false,false,,false,false,2019-09-25T19:03:32.000Z,0
CVE-2018-15332,https://securityvulnerability.io/vulnerability/CVE-2018-15332,,The svpn component of the F5 BIG-IP APM client prior to version 7.1.7.2 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host in a race condition.,F5,"Big-ip (apm), Big-ip Apm Clients, Big-ip Edge Client",7,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2018-12-06T14:00:00.000Z,0
CVE-2018-15316,https://securityvulnerability.io/vulnerability/CVE-2018-15316,,"In F5 BIG-IP APM 13.0.0-13.1.1.1, APM Client 7.1.5-7.1.6, and/or Edge Client 7101-7160, the BIG-IP APM Edge Client component loads the policy library with user permission and bypassing the endpoint checks.",F5,"Big-ip (apm),Big-ip Apm Clients,Big-ip Edge Client",5.5,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2018-10-19T13:29:00.000Z,0
CVE-2018-5547,https://securityvulnerability.io/vulnerability/CVE-2018-5547,,"Windows Logon Integration feature of F5 BIG-IP APM client prior to version 7.1.7.1 for Windows by default uses Legacy logon mode which uses a SYSTEM account to establish network access. This feature displays a certificate user interface dialog box which contains the link to the certificate policy. By clicking on the link, unprivileged users can open additional dialog boxes and get access to the local machine windows explorer which can be used to get administrator privilege. Windows Logon Integration is vulnerable when the APM client is installed by an administrator on a user machine. Users accessing the local machine can get administrator privileges",F5,Big-ip Apm Client For Windows,7.8,HIGH,0.0005200000014156103,false,false,false,false,,false,false,2018-08-17T12:29:00.000Z,0
CVE-2018-5546,https://securityvulnerability.io/vulnerability/CVE-2018-5546,,"The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or assume super-user privileges on the local client host.",F5,"Big-ip Apm Client For Linux,Big-ip Apm Client For Mac OS",7.8,HIGH,0.0010900000343099236,false,false,false,false,,false,false,2018-08-17T12:29:00.000Z,0
CVE-2018-5529,https://securityvulnerability.io/vulnerability/CVE-2018-5529,,"The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service.",F5,Big-ip Apm Client For Linux And Mac Osx,7.8,HIGH,0.0005200000014156103,false,false,false,false,,false,false,2018-07-12T00:00:00.000Z,0