When the F5 BIG-IP Advanced WAF or BIG-IP ASM module is provisioned, an authenticated remote code execution vulnerability exists in the BIG-IP iControl REST interface. (CVE-2022-41617)
Impact
On systems deployed in Standard or Appliance mode, this vulnerability may allow a highly privileged authenticated attacker with network access to the iControl REST interface to run arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only. Appliance mode is enforced by a specific license or may be enabled or disabled for individual Virtual Clustered Multiprocessing (vCMP) guest instances. For more information about Appliance mode, refer to K12815: Overview of Appliance mode.