VYPR
Unrated severityNVD Advisory· Published Oct 19, 2022· Updated May 8, 2025

BIG-IP Advanced WAF and ASM iControl REST vulnerability CVE-2022-41617

CVE-2022-41617

Description

In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, When the Advanced WAF / ASM module is provisioned, an authenticated remote code execution vulnerability exists in the BIG-IP iControl REST interface.

Affected products

2
  • F5, Inc./Big IPllm-fuzzy
    Range: <13.1.5.1, <14.1.5.1, <15.1.6.1, <16.1.3.1
  • F5/BIG-IP Advanced WAF & ASMv5
    Range: 16.1.x

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.