Vigil@nce - F5 BIG-IP: information disclosure via Edge Client
February 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can read the F5 BIG-IP Edge Client memory, in order to
obtain sensitive information.
– Impacted products: BIG-IP Appliance
– Severity: 2/4
– Creation date: 05/02/2014
DESCRIPTION OF THE VULNERABILITY
The Edge Client component can be installed on clients of BIG-IP
APM, Edge Gateway or FirePass.
However, an attacker can obtain information from the Edge Client
memory. Technical details are unknown.
An attacker can therefore read the F5 BIG-IP Edge Client memory,
in order to obtain sensitive information.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/F5-BIG-IP-information-disclosure-via-Edge-Client-14177