F5 BIG-IP iControl REST vulnerability

Added: 05/13/2022
CVE: CVE-2022-1388

Background

F5 BIG-IP is a suite of network security products.

Problem

An authentication bypass vulnerability in the iControl REST service allows remote attackers to execute arbitrary commands.

Resolution

Upgrade to one of the fixed versions referenced in K23605346.

References

https://support.f5.com/csp/article/K23605346
https://www.horizon3.ai/f5-icontrol-rest-endpoint-authentication-bypass-technical-deep-dive/

Platforms

Linux

Back to exploit index