Primary

Context

F5 Access for Android Improper Certificate Validation Vulnerability

Vulnerability

A vulnerability exists in F5 Access for Android versions prior to 3.1.2, which uses HTTPS but fails to verify the identity of the remote endpoint. This flaw allows an attacker with the ability to intercept network traffic to potentially read or modify data in transit. The vulnerability specifically affects clients that do not detect the man-in-the-middle interception.

Impact

Exploitation of this vulnerability could lead to unauthorized interception and alteration of data being transmitted over the network.

Remediation

Users can upgrade to F5 Access for Android version 3.1.2 to address this vulnerability.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.9

exploitability

6.0

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.9

exploitability

6.0

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

F5 Access for Android Improper Certificate Validation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating