vulnerability
F5 Networks: K13325942: Appliance mode iControl REST vulnerability CVE-2022-41800
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:L/Au:S/C:C/I:C/A:C) | Nov 16, 2022 | Nov 16, 2022 | Nov 17, 2022 |
Severity
9
CVSS
(AV:N/AC:L/Au:S/C:C/I:C/A:C)
Published
Nov 16, 2022
Added
Nov 16, 2022
Modified
Nov 17, 2022
Description
When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary.
Solution
f5-big-ip-upgrade-latest
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.