fkie_cve-2022-1388
Vulnerability from fkie_nvd
Published
2022-05-05 17:15
Modified
2025-04-02 18:17
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
References
Impacted products
{ cisaActionDue: "2022-05-31", cisaExploitAdd: "2022-05-10", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "F5 BIG-IP Missing Authentication Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2FBA9552-4645-4BFF-91A4-47B6A3414325", versionEndIncluding: "11.6.5", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "DE2F2CB2-BE96-4DC8-B336-1E9A318B4604", versionEndIncluding: "12.1.6", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B31BA594-F521-4AE6-B1B6-6F1F5AB735F5", versionEndExcluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D2E2C67C-CF1B-4D54-A65D-1AD14DA61199", versionEndExcluding: "14.1.4.6", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F699242D-CA23-47D7-BB53-C96A7EF82239", versionEndExcluding: "15.1.5.1", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "758D4F60-C707-4C09-8FA1-9AFC232C2B68", versionEndExcluding: "16.1.2.2", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "61D1B91F-8672-4947-AF9A-F635679D0FB7", versionEndIncluding: "11.6.5", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6E32CBE0-BFDC-4DCB-A365-2F3C4D680446", versionEndIncluding: "12.1.6", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "FB153379-872C-4800-AF9E-4219559291FD", versionEndExcluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5B12B864-CF0E-4015-B898-9FF24956898D", versionEndExcluding: "14.1.4.6", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E336C11E-2544-4AD1-A16B-640DB335048F", versionEndExcluding: "15.1.5.1", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4B89C592-E704-4AA8-98EF-22E81A888D9F", versionEndExcluding: "16.1.2.2", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "C3787453-ECE9-4958-8FD8-8A43A9F86077", versionEndIncluding: "11.6.5", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "18666B67-A6EA-402B-926E-96348AB82831", versionEndIncluding: "12.1.6", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "C3B5C349-CF76-4C87-9A4F-86769F5666CD", versionEndExcluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "4E7A0B6B-F4B2-4E02-B49E-4CCED696971F", versionEndExcluding: "14.1.4.6", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "0E079B86-18A3-48D4-9413-D4EBB35E2682", versionEndExcluding: "15.1.5.1", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "6025496D-61A0-444D-85FF-9EB452FDC12D", versionEndExcluding: "16.1.2.2", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "05ED802A-A8A0-4E96-AB45-811A98AA11C2", versionEndIncluding: "11.6.5", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8AF5B8C5-98F2-45B5-A877-C3666E3D6876", versionEndIncluding: "12.1.6", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2B937D3C-6D0E-4D87-B9B0-A58A2866A37F", versionEndExcluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "DE3AC626-DC9B-4DA1-ABA0-335B3E20EAE8", versionEndExcluding: "14.1.4.6", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E827A475-5A25-4485-8F51-4A39CDB89201", versionEndExcluding: "15.1.5.1", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9965A0FA-84CE-4E7C-92C8-C74A44F401E2", versionEndExcluding: "16.1.2.2", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B15992E6-85B6-4E62-A284-FE4B78F5F373", versionEndIncluding: "11.6.5", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1849279E-9FB1-4D6A-8386-337F7DF151DF", versionEndIncluding: "12.1.6", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "93768065-555D-46EA-A6E4-00EA467573AA", versionEndExcluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "CDDFDBFD-8183-4F38-A1E9-B26A087F5EDF", versionEndExcluding: "14.1.4.6", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8A6EC6B2-9CDE-467B-94ED-4CD1214435A6", versionEndExcluding: "15.1.5.1", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0BDA0FAF-471B-415F-820C-446EDD53E327", versionEndExcluding: "16.1.2.2", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "8376922B-0D04-4E5D-BADE-0D6AC23A4696", versionEndIncluding: "11.6.5", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F489E5B1-1EC4-4E45-8EE6-6A4FCD0F386F", versionEndIncluding: "12.1.6", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "FB5B9015-1D83-46F8-A328-286D5CF811DC", versionEndExcluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "18B014EC-59DC-4956-A7F9-FDCCE6802701", versionEndExcluding: "14.1.4.6", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9BCBA7D9-05C4-4804-9DD9-6400D7717B71", versionEndExcluding: "15.1.5.1", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F4E0A3C3-F168-47D6-A54D-09722BE9EC92", versionEndExcluding: "16.1.2.2", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "0471086D-B70E-4B87-862E-01FB99B0D5D5", versionEndIncluding: "11.6.5", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "01C01794-36BD-4783-B962-07000FCE4788", versionEndIncluding: "12.1.6", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "CF82D6C0-DF3B-4F0E-B4A1-FDC7E3C9FECC", versionEndExcluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "3C1C42EF-0217-4A0F-B327-F9419745DC0D", versionEndExcluding: "14.1.4.6", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "97923BA5-DB8D-46CB-89DE-A2AB313557DA", versionEndExcluding: "15.1.5.1", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "800B3D3B-45FF-406F-8A32-70E00D2F9DE5", versionEndExcluding: "16.1.2.2", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "CD3D5803-35A0-4FF7-9AD3-E345C53A18FC", versionEndIncluding: "11.6.5", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5ED5A4F4-9FFF-43D0-B17D-838D6CEDDF04", versionEndIncluding: "12.1.6", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C7748E16-F5E4-4D23-A9BF-B9A5B6462536", versionEndExcluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "025F4F45-7EB2-4C8F-9F85-AEF4844A943D", versionEndExcluding: "14.1.4.6", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E0DD60EC-40A6-48DA-B2B9-B1881820056E", versionEndExcluding: "15.1.5.1", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3816AEE7-81A4-46F4-97EC-B156DA52C04D", versionEndExcluding: "16.1.2.2", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "E20DFBD1-5469-4330-81B1-078D6487C01D", versionEndIncluding: "11.6.5", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "16234A51-9C86-484A-B8D5-6EFB838CB564", versionEndIncluding: "12.1.6", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "FAF9D095-AC38-415A-B97E-909563DA7C89", versionEndExcluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "F94750C3-D5B8-4397-8211-5EEEF947BCEB", versionEndExcluding: "14.1.4.6", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "F702C966-4D1B-419A-8853-975DE634FE2C", versionEndExcluding: "15.1.5.1", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "384FD000-3901-4B01-B544-DE210FCFB3B1", versionEndExcluding: "16.1.2.2", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F92F2449-8A6E-431E-8CB1-5255D2464B31", versionEndIncluding: "11.6.5", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "61189D3B-8BF1-47A7-B5AC-A75E44D6BD5F", versionEndIncluding: "12.1.6", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "260092B3-CA15-4ECE-B4F9-075C714FFE76", versionEndExcluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B9242BCA-366B-4C8B-A9E9-FA422ADDF18D", versionEndExcluding: "14.1.4.6", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0FF9BCD4-9631-4AC9-95B2-DA7688FDA703", versionEndExcluding: "15.1.5.1", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "652E0726-38DB-4559-BAC1-860E02678F60", versionEndExcluding: "16.1.2.2", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "53F940F3-6CF4-48C8-BFBF-4FE9B3A26D31", versionEndIncluding: "11.6.5", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9FBA5CDC-1989-4971-BD1B-F14E801F5017", versionEndIncluding: "12.1.6", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "CFE503F5-17E8-4893-ABA9-2075180EBA82", versionEndExcluding: "13.1.5", versionStartIncluding: "13.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "83B25AE8-6158-4448-B096-58105102CD78", versionEndExcluding: "14.1.4.6", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "7CA80562-DD10-47A8-8A9C-75056D8A81EC", versionEndExcluding: "15.1.5.1", versionStartIncluding: "15.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3C53D007-B6DD-447E-BA9A-5CE9137CAA80", versionEndExcluding: "16.1.2.2", versionStartIncluding: "16.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated", }, { lang: "es", value: "En F5 BIG-IP versiones 16.1.x anteriores a 16.1.2.2, versiones 15.1.x anteriores a 15.1.5.1, versiones 14.1.x anteriores a 14.1.4.6, versiones 13.1.x anteriores a 13.1.5 y todas las versiones 12.1.x y 11.6.x, las peticiones no reveladas pueden omitir la autenticación REST de iControl. Nota: las versiones de software que han alcanzado el Fin del Soporte Técnico (EoTS) no son evaluadas", }, ], id: "CVE-2022-1388", lastModified: "2025-04-02T18:17:58.003", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "f5sirt@f5.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Secondary", }, ], }, published: "2022-05-05T17:15:10.570", references: [ { source: "f5sirt@f5.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167007/F5-BIG-IP-Remote-Code-Execution.html", }, { source: "f5sirt@f5.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167118/F5-BIG-IP-16.0.x-Remote-Code-Execution.html", }, { source: "f5sirt@f5.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167150/F5-BIG-IP-iControl-Remote-Code-Execution.html", }, { source: "f5sirt@f5.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K23605346", }, { source: "f5sirt@f5.com", tags: [ "Exploit", "Mitigation", "Third Party Advisory", ], url: "https://www.secpod.com/blog/critical-f5-big-ip-remote-code-execution-vulnerability-patch-now/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167007/F5-BIG-IP-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167118/F5-BIG-IP-16.0.x-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167150/F5-BIG-IP-iControl-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K23605346", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mitigation", "Third Party Advisory", ], url: "https://www.secpod.com/blog/critical-f5-big-ip-remote-code-execution-vulnerability-patch-now/", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-306", }, ], source: "f5sirt@f5.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.