VYPR
Unrated severityNVD Advisory· Published Dec 7, 2022· Updated Apr 23, 2025

Appliance mode iControl REST vulnerability

CVE-2022-41800

Description

In all versions of BIG-IP, when running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected products

2
  • F5, Inc./Big IPllm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 17.0.x

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.