Security Advisory

CVE-2025-23415

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-05 17:31:00
Last updated 2025-02-12 20:51:34
Assigner f5
State PUBLISHED

Description

An insufficient verification of data authenticity vulnerability exists in BIG-IP APM Access Policy endpoint inspection that may allow an attacker to bypass endpoint inspection checks for VPN connection initiated thru BIG-IP APM browser network access VPN client for Windows, macOS and Linux. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.