BIG-IP Edge Client for macOS vulnerability

The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process.  This vulnerability is due to an incomplete fix for CVE-2023-38418.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

密码学签名的验证不恰当

F5 BIG-IP 数据伪造问题漏洞

F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。 F5 BIG-IP 存在数据伪造问题漏洞，该漏洞源于 macOS 上的 BIG-IP Edge 客户端安装程序在安装过程中不遵循提升权限的最佳实践。

N/A

N/A