CVE-2023-5450: 
F5 BIG-IP Virtual Edition vulnerability analysis and mitigation

An insufficient verification of data vulnerability (CVE-2023-5450) exists in BIG-IP Edge Client Installer on macOS that may allow an attacker elevation of privileges during the installation process. The vulnerability was disclosed on October 10, 2023, affecting F5's BIG-IP Access Policy Manager software (NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (High) by NVD with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The vulnerability is classified under CWE-345 (Insufficient Verification of Data Authenticity). The attack requires local access and user interaction, but no privileges are needed to execute the attack (NVD).

If successfully exploited, this vulnerability could allow an attacker to gain elevated privileges during the installation process of the BIG-IP Edge Client on macOS systems. The impact affects confidentiality, integrity, and availability with high severity ratings (NVD).

F5 Networks has released security advisories and patches for affected versions. The vulnerability affects multiple versions of BIG-IP Access Policy Manager, including versions 7.2.3 to 7.2.4.5, 13.1.0 to 13.1.5, 14.1.0 to 14.1.5, 15.1.0 to 15.1.10, 16.1.0 to 16.1.4, and 17.1.0 (NVD).