F5 Networks BIG-IP : BIG-IP APM Edge Client vulnerability (K51220077)
Low Nessus Plugin ID 118673
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe BIG-IP APM Edge Clientcomponent loads the policy library with user permission and bypassing the endpoint checks. (CVE-2018-15316)
A malicious user can exploit this vulnerability on the APM Edge Clientby injecting a library file which will be loaded by the policy server and bypass the endpoint checks. The endpoint inspection component forMac OS X and Linux platforms are vulnerable to this issue.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K51220077.