CVE-2022-35243

Authenticated iControl REST in Appliance mode vulnerability CVE-2022-35243

CVSS 8.7 HIGHEPSS 0.6%CWE-269

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 8.7EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

04 Aug 2022Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.5.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, using an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

Affected products

F5 · BIG-IP

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://support.f5.com/csp/article/K11010341