CVE-2022-26415

HIGH

F5 BIG-IP 12.1.x-16.1.x - Authenticated Appliance Mode Restriction Bypass via iControl REST Endpoint

Title source: llm
STIX 2.1

Description

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x, when running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing an undisclosed iControl REST endpoint. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

References (1)

Core 1
Core References
Vendor Advisory x_refsource_misc
https://support.f5.com/csp/article/K81952114

Scores

CVSS v3 7.7
EPSS 0.0052
EPSS Percentile 67.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

Details

CWE
CWE-77
Status published
Products (11)
f5/big-ip_access_policy_manager 12.1.0 - 12.1.6
f5/big-ip_advanced_firewall_manager 12.1.0 - 12.1.6
f5/big-ip_analytics 12.1.0 - 12.1.6
f5/big-ip_application_acceleration_manager 12.1.0 - 12.1.6
f5/big-ip_application_security_manager 12.1.0 - 12.1.6
f5/big-ip_domain_name_system 12.1.0 - 12.1.6
f5/big-ip_fraud_protection_service 12.1.0 - 12.1.6
f5/big-ip_global_traffic_manager 12.1.0 - 12.1.6
f5/big-ip_link_controller 12.1.0 - 12.1.6
f5/big-ip_local_traffic_manager 12.1.0 - 12.1.6
... and 1 more
Published May 05, 2022
Tracked Since Feb 18, 2026