Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
f5F5F5:K55580033
HistoryAug 03, 2022 - 12:00 a.m.

K55580033 : iControl REST vulnerability CVE-2022-35728

2022-08-0300:00:00
my.f5.com
80

9.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.4%

JSON

Security Advisory Description

An authenticated user’s iControl REST token may remain valid for a limited time after logging out from the Configuration utility. (CVE-2022-35728)

Impact

A remote unauthenticated attacker may be able to reuse, for a limited time, an authenticated user’s iControl REST token generated from the Configuration utility and access through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only.

Related

prion 1
cvelist 1
nessus 1
cnvd 1
nvd 1
cve 1
f5 1
prion
prion
Design/Logic Flaw
2022-08-04 18:15:00
cvelist
cvelist
CVE-2022-35728 iControl REST vulnerability CVE-2022-35728
2022-08-03 00:00:00
nessus
nessus
F5 Networks BIG-IP : iControl REST vulnerability (K55580033)
2022-08-03 00:00:00
cnvd
cnvd
F5 BIG-IP iControl REST Session Expiration Time Insufficient Vulnerability Vulnerability
2022-08-03 00:00:00
nvd
nvd
CVE-2022-35728
2022-08-04 18:15:10
cve
cve
CVE-2022-35728
2022-08-04 18:15:10
f5
f5
K14649763 : Overview of F5 vulnerabilities (August 2022)
2022-08-03 00:00:00

9.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.4%

JSON
Related for F5:K55580033
prion1cvelist1nessus1cnvd1nvd1cve1f51