Man-in-the-Middle (MitM) attack in BIG-IP APM and BIG-IP APM Clients

#VU76420 Man-in-the-Middle (MitM) attack in BIG-IP APM and BIG-IP APM Clients

Published: 2023-05-23

Vulnerability identifier: #VU76420

Vulnerability risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-22372

CWE-ID: CWE-300

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
BIG-IP APM
Hardware solutions / Security hardware applicances
BIG-IP APM Clients
Hardware solutions / Security hardware applicances

Vendor: F5 Networks

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to improper message integrity checks in BIG-IP Edge Client for Windows and Mac OS. A remote attacker can perform a man-in-the-middle (MitM) attack and modify requests and responses to and from the BIG-IP Edge Client.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

BIG-IP APM: 14.1.0 - 17.1.0

BIG-IP APM Clients: 7.2.2 - 7.2.4

External links
http://my.f5.com/manage/s/article/K000132522

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

MitM attack in BIG-IP Edge Client for Windows and macOS