vulnerability
F5 Networks: CVE-2022-41617: K11830089: BIG-IP Advanced WAF and ASM iControl REST vulnerability CVE-2022-41617
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:M/C:C/I:C/A:C) | Oct 19, 2022 | Jul 31, 2024 | Aug 11, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:M/C:C/I:C/A:C)
Published
Oct 19, 2022
Added
Jul 31, 2024
Modified
Aug 11, 2025
Description
In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, When the Advanced WAF / ASM module is provisioned, an authenticated remote code execution vulnerability exists in the BIG-IP iControl REST interface.
Solution
f5-big-ip-upgrade-latest
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.