In Edge Client version 7.2.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, and 7.1.x-7.1.8.x before 7.1.8.5, an untrusted search path vulnerability in the BIG-IP APM Client Troubleshooting Utility (CTU) for Windows could allow an attacker to load a malicious DLL library from its current directory. User interaction is required to exploit this vulnerability in that the victim must run this utility on the Windows system. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
2021-02-12T18:15:12.737
2024-11-21T05:51:03.643
Modified
CVSSv3.1: 7.8 (HIGH)
AV:L/AC:M/Au:N/C:C/I:C/A:C
3.4
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | f5 | access_policy_manager_clients | < 7.1.8.5 | Yes |
| Application | f5 | access_policy_manager_clients | < 7.1.9.8 | Yes |
| Application | f5 | access_policy_manager_clients | < 7.2.1.1 | Yes |
| Application | f5 | big-ip_access_policy_manager | ≤ 11.6.5 | Yes |
| Application | f5 | big-ip_access_policy_manager | ≤ 12.1.5 | Yes |
| Application | f5 | big-ip_access_policy_manager | < 13.1.3.6 | Yes |
| Application | f5 | big-ip_access_policy_manager | ≤ 14.1.3 | Yes |
| Application | f5 | big-ip_access_policy_manager | ≤ 15.1.2 | Yes |
| Application | f5 | big-ip_access_policy_manager | < 16.0.1.1 | Yes |