Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CVE-2023-22374

πŸ—“οΈΒ 01 Feb 2023Β 18:11:15Reported byΒ f5TypeΒ 
cve
Β cveπŸ”—Β web.nvd.nist.govπŸ‘Β 92Β Views

Format string vulnerability in iControl SOAP allows authenticated attacker to crash CGI process or execute arbitrary code. In BIG-IP appliance mode, it can cross security boundary

Show more
Related
Detection
Affected
Refs
Nvd
Node
f5big-ip_access_policy_managerRange14.1.4.6–14.1.5
OR
f5big-ip_access_policy_managerRange15.1.5.1–15.1.8
OR
f5big-ip_access_policy_managerRange16.1.2.2–16.1.3
OR
f5big-ip_access_policy_managerMatch13.1.5
OR
f5big-ip_access_policy_managerMatch17.0.0
OR
f5big-ip_advanced_firewall_managerRange14.1.4.6–14.1.5
OR
f5big-ip_advanced_firewall_managerRange15.1.5.1–15.1.8
OR
f5big-ip_advanced_firewall_managerRange16.1.2.2–16.1.3
OR
f5big-ip_advanced_firewall_managerMatch13.1.5
OR
f5big-ip_advanced_firewall_managerMatch17.0.0
OR
f5big-ip_analyticsRange14.1.4.6–14.1.5
OR
f5big-ip_analyticsRange15.1.5.1–15.1.8
OR
f5big-ip_analyticsRange16.1.2.2–16.1.3
OR
f5big-ip_analyticsMatch13.1.5
OR
f5big-ip_analyticsMatch17.0.0
OR
f5big-ip_application_acceleration_managerRange15.1.5.1–15.1.8
OR
f5big-ip_application_acceleration_managerRange16.1.2.2–16.1.3
OR
f5big-ip_application_acceleration_managerMatch13.1.5
OR
f5big-ip_application_acceleration_managerMatch17.0.0
OR
f5big-ip_application_security_managerRange14.1.4.6–14.1.5
OR
f5big-ip_application_security_managerRange15.1.5.1–15.1.8
OR
f5big-ip_application_security_managerRange16.1.2.2–16.1.3
OR
f5big-ip_application_security_managerMatch13.1.0
OR
f5big-ip_application_security_managerMatch17.0.0
OR
f5big-ip_ddos_hybrid_defenderRange14.1.4.6–14.1.5
OR
f5big-ip_ddos_hybrid_defenderRange15.1.5.1–15.1.8
OR
f5big-ip_ddos_hybrid_defenderRange16.1.2.2–16.1.3
OR
f5big-ip_ddos_hybrid_defenderMatch13.1.5
OR
f5big-ip_domain_name_systemRange14.1.4.6–14.1.5
OR
f5big-ip_domain_name_systemRange15.1.5.1–15.1.8
OR
f5big-ip_domain_name_systemRange16.1.2.2–16.1.3
OR
f5big-ip_domain_name_systemMatch17.0.0
OR
f5big-ip_fraud_protection_serviceRange15.1.5.1–15.1.8
OR
f5big-ip_fraud_protection_serviceRange16.1.2.2–16.1.3
OR
f5big-ip_fraud_protection_serviceMatch13.1.5
OR
f5big-ip_fraud_protection_serviceMatch17.0.0
OR
f5big-ip_link_controllerRange14.1.4.6–14.1.5
OR
f5big-ip_link_controllerRange15.1.5.1–15.1.8
OR
f5big-ip_link_controllerRange16.1.2.2–16.1.3
OR
f5big-ip_link_controllerMatch13.1.5
OR
f5big-ip_link_controllerMatch17.0.0
OR
f5big-ip_local_traffic_managerRange14.1.4.6–14.1.5
OR
f5big-ip_local_traffic_managerRange15.1.5.1–15.1.8
OR
f5big-ip_local_traffic_managerRange16.1.2.2–16.1.3
OR
f5big-ip_local_traffic_managerMatch13.1.5
OR
f5big-ip_local_traffic_managerMatch17.0.0
OR
f5big-ip_policy_enforcement_managerRange14.1.4.6–14.1.5
OR
f5big-ip_policy_enforcement_managerRange15.1.5.1–15.1.8
OR
f5big-ip_policy_enforcement_managerRange16.1.2.2–16.1.3
OR
f5big-ip_policy_enforcement_managerMatch13.1.5
OR
f5big-ip_policy_enforcement_managerMatch17.0.0
OR
f5big-ip_ssl_orchestratorRange14.1.4.6–14.1.5
OR
f5big-ip_ssl_orchestratorRange15.1.5.1–15.1.8
OR
f5big-ip_ssl_orchestratorRange16.1.2.2–16.1.3
OR
f5big-ip_ssl_orchestratorMatch13.1.5
OR
f5big-ip_ssl_orchestratorMatch17.0.0
[
  {
    "defaultStatus": "unknown",
    "modules": [
      "All Modules"
    ],
    "product": "BIG-IP",
    "vendor": "F5",
    "versions": [
      {
        "changes": [
          {
            "at": "Engineering Hotfix Available",
            "status": "unaffected"
          }
        ],
        "lessThan": "17.1.0",
        "status": "affected",
        "version": "17.0.0",
        "versionType": "semver"
      },
      {
        "changes": [
          {
            "at": "Engineering Hotfix Available",
            "status": "unaffected"
          }
        ],
        "lessThan": "16.1.3.4",
        "status": "affected",
        "version": "16.1.2.2",
        "versionType": "semver"
      },
      {
        "changes": [
          {
            "at": "Engineering Hotfix Available",
            "status": "unaffected"
          }
        ],
        "lessThan": "15.1.8.2",
        "status": "affected",
        "version": "15.1.5.1",
        "versionType": "semver"
      },
      {
        "changes": [
          {
            "at": "Engineering Hotfix Available",
            "status": "unaffected"
          }
        ],
        "lessThan": "14.1.5.4",
        "status": "affected",
        "version": "14.1.4.6",
        "versionType": "semver"
      },
      {
        "changes": [
          {
            "at": "Engineering Hotfix Available",
            "status": "unaffected"
          }
        ],
        "lessThan": "*",
        "status": "affected",
        "version": "13.1.5",
        "versionType": "semver"
      }
    ]
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
01 Feb 2023 18:15Current
8.5High risk
Vulners AI Score8.5
CVSS38.5
EPSS0.00044
CWE-134
cve-2023-22374format string vulnerabilityicontrol soapauthenticated attackercgi processarbitrary codebig-ipappliance modesecurity boundary
92
.json
Report