Vulnerabilities > F5 > Access Policy Manager Clients > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-02 CVE-2023-36858 Unspecified vulnerability in F5 products
An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and macOS that may allow an attacker to modify its configured server list.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
local
low complexity
f5
5.5
2021-03-31 CVE-2021-23002 Unspecified vulnerability in F5 Big-Ip Access Policy Manager
When using BIG-IP APM 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, or all 12.1.x and 11.6.x versions or Edge Client versions 7.2.1.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, or 7.1.8.x before 7.1.8.5, the session ID is visible in the arguments of the f5vpn.exe command when VPN is launched from the browser on a Windows system.
low complexity
f5
4.5