An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows and macOS and may allow an attacker to impersonate a BIG-IP APM system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Credits
F5 acknowledges Gianluca Palma of Engineering Ingegneria Informatica S.p.A. for bringing this issue to our attention and following the highest standards of coordinated disclosure.
