发布于3月6日3月6日 Members F5 Networks: CVE-2025-23415: K000139656: BIG-IP APM endpoint inspection vulnerability CVE-2025-23415 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 02/06/2025 Created 02/07/2025 Added 02/06/2025 Modified 02/10/2025 Description An insufficient verification of data authenticity vulnerability exists in BIG-IP APM Access Policy endpoint inspection that may allow an attacker to bypass endpoint inspection checks for VPN connection initiated thru BIG-IP APM browser network access VPN client for Windows, macOS and Linux. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2025-23415 CVE - 2025-23415 https://my.f5.com/manage/s/article/K000139656
