CVE-2025-23415

LOW Year: 2025
CVSS v3 Score
3.1
Low
Weakness Type
CWE-345
View all →

Vulnerability Description

An insufficient verification of data authenticity vulnerability exists in BIG-IP APM Access Policy endpoint inspection that may allow an attacker to bypass endpoint inspection checks for VPN connection initiated thru BIG-IP APM browser network access VPN client for Windows, macOS and Linux. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Related Vulnerabilities

CVE-2017-2701

LOW
CVSS:3.3(Low)

Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application. Since the system does not verify the broadcasting ...

CWE-3452017

CVE-2018-15801

LOW
CVSS:3.3(Low)

Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation. In order to be impacted, the same private key for an honest issuer and a malic...

CWE-3452018

CVE-2021-3349

LOW
CVSS:3.3(Low)

GNOME Evolution through 3.38.3 produces a "Valid signature" message for an unknown identifier on a previously trusted key because Evolution does not retrieve enough information from the GnuPG API. NOT...

CWE-3452021

CVE-2021-41106

LOW
CVSS:3.3(Low)

JWT is a library to work with JSON Web Token and JSON Web Signature. Prior to versions 3.4.6, 4.0.4, and 4.1.5, users of HMAC-based algorithms (HS256, HS384, and HS512) combined with `Lcobucci\JWT\Sig...

CWE-3452021

CVE-2023-20570

LOW
CVSS:3.3(Low)

Insufficient verification of data authenticity in the configuration state machine may allow a local attacker to potentially load arbitrary bitstreams.

CWE-3452023

CVE-2019-20057

LOW
CVSS:3.7(Low)

com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in Proxyman for macOS 1.11.0 and earlier allows an attacker to change the System Proxy and redirect all traffic to an attacker-controlled comp...

CWE-3452019