In versions 7.1.5-7.1.8, the BIG-IP Edge Client components in BIG-IP APM, Edge Gateway, and FirePass legacy allow attackers to obtain the full session ID from process memory.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Big-ip_access_policy_manager | F5 | 11.6.1 (including) | 11.6.5 (including) |
Big-ip_access_policy_manager | F5 | 12.1.0 (including) | 12.1.5 (including) |
Big-ip_access_policy_manager | F5 | 13.0.0 (including) | 13.1.3 (including) |
Big-ip_access_policy_manager | F5 | 14.0.0 (including) | 14.1.2 (including) |
Big-ip_access_policy_manager | F5 | 15.0.0 (including) | 15.1.0 (including) |
Big-ip_access_policy_manager_client | F5 | 7.1.5 (including) | 7.1.8 (including) |
Big-ip_edge_gateway | F5 | 11.6.1 (including) | 11.6.5 (including) |
Big-ip_edge_gateway | F5 | 12.1.0 (including) | 12.1.5 (including) |
Big-ip_edge_gateway | F5 | 13.0.0 (including) | 13.1.3 (including) |
Big-ip_edge_gateway | F5 | 14.0.0 (including) | 14.1.2 (including) |
Big-ip_edge_gateway | F5 | 15.0.0 (including) | 15.1.0 (including) |