Vulnerabilities > F5 > Access Policy Manager Clients > 7.1.5

DATE CVE VULNERABILITY TITLE RISK
2021-03-31 CVE-2021-23002 Unspecified vulnerability in F5 Big-Ip Access Policy Manager
When using BIG-IP APM 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, or all 12.1.x and 11.6.x versions or Edge Client versions 7.2.1.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, or 7.1.8.x before 7.1.8.5, the session ID is visible in the arguments of the f5vpn.exe command when VPN is launched from the browser on a Windows system.
low complexity
f5
4.5
2021-02-12 CVE-2021-22980 Untrusted Search Path vulnerability in F5 Big-Ip Access Policy Manager
In Edge Client version 7.2.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, and 7.1.x-7.1.8.x before 7.1.8.5, an untrusted search path vulnerability in the BIG-IP APM Client Troubleshooting Utility (CTU) for Windows could allow an attacker to load a malicious DLL library from its current directory.
local
low complexity
f5 CWE-426
7.8