When using BIG-IP APM 16.0.x before, 15.1.x before, 14.1.x before 14.1.4, 13.1.x before, or all 12.1.x and 11.6.x versions or Edge Client versions 7.2.1.x before, 7.1.9.x before, or 7.1.8.x before, the session ID is visible in the arguments of the f5vpn.exe command when VPN is launched from the browser on a Windows system. Addressing this issue requires both the client and server fixes. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.

Source: CVE-2021-23002

댓글 남기기

이메일은 공개되지 않습니다. 필수 입력창은 * 로 표시되어 있습니다

Time limit is exhausted. Please reload the CAPTCHA.