In all versions before 7.2.1.4, when proxy settings are configured in the network access resource of a BIG-IP APM system, connecting BIG-IP Edge Client on Mac and Windows is vulnerable to a DNS rebinding attack. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
The product does not properly verify that the source of data or communication is valid.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Big-ip_access_policy_manager | F5 | 11.6.1 (including) | 11.6.5 (including) |
Big-ip_access_policy_manager | F5 | 12.1.0 (including) | 12.1.6 (including) |
Big-ip_access_policy_manager | F5 | 13.1.0 (including) | 13.1.4 (including) |
Big-ip_access_policy_manager | F5 | 14.1.0 (including) | 14.1.4 (including) |
Big-ip_access_policy_manager | F5 | 15.1.0 (including) | 15.1.5 (including) |
Big-ip_access_policy_manager | F5 | 16.0.0 (including) | 16.1.2 (including) |
Big-ip_access_policy_manager_client | F5 | 7.1.6 (including) | 7.1.9 (including) |
Big-ip_access_policy_manager_client | F5 | 7.2.1 (including) | 7.2.1.3 (including) |