BIG-IP Edge Client for macOS vulnerability

CVE-2023-5450

7.3HIGH

Key Information

Vendor: F5
Status: Big-ip Edge Client
Vendor: CVE Published:; 10 October 2023

Summary

An insufficient verification of data vulnerability exists in BIG-IP Edge Client Installer on macOS that may allow an attacker elevation of privileges during the installation process. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected Version(s)

BIG-IP Edge Client < 7.2.4.5

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Risk change from: 7.8 to: 7.3 - (HIGH)
Sep 13, 2024
Vulnerability published.
Oct 10, 2023
Vulnerability Reserved.
Oct 6, 2023

Collectors

NVD DatabaseMitre Database

Credit

F5 acknowledges Mickey Jin (@patch1t) of Trend Micro for bringing this issue to our attention and following the highest standards of coordinated disclosure.