VYPR
Unrated severityNVD Advisory· Published May 5, 2022· Updated Sep 17, 2024

CVE-2022-27634

CVE-2022-27634

Description

On 16.1.x versions prior to 16.1.2.2 and 15.1.x versions prior to 15.1.5.1, BIG-IP APM does not properly validate configurations, allowing an authenticated attacker with high privileges to manipulate the APM policy leading to privilege escalation/remote code execution. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Affected products

2
  • F5, Inc./Big IPllm-fuzzy2 versions
    <16.1.2.2 || <15.1.5.1+ 1 more
    • (no CPE)range: <16.1.2.2 || <15.1.5.1
    • (no CPE)range: 16.1.x

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.