Lucene search
K

5 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:54 p.m.113 views

K55580033: iControl REST vulnerability CVE-2022-35728

Security Advisory Description An authenticated user's iControl REST token may remain valid for a limited time after logging out from the Configuration utility. CVE-2022-35728 Impact A remote unauthenticated attacker may be able to reuse, for a limited time, an authenticated user's iControl REST...

9.8CVSS9.2AI score0.00587EPSS
Exploits0Affected Software14
CVE
CVE
added 2022/08/04 5:49 p.m.105 views

CVE-2022-35728

CVE-2022-35728 affects BIG-IP iControl REST: an authenticated user’s token may remain valid after logout, enabling limited maintenance-port access to execute commands. Affected versions include 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, all 13....

9.8CVSS8.9AI score0.00587EPSS
Exploits0References1Affected Software12
Cvelist
Cvelist
added 2022/08/04 5:49 p.m.28 views

CVE-2022-35728 iControl REST vulnerability CVE-2022-35728

In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ version 8.x before 8.2.0 and all versions of 7.x, an authenticated user's iControl REST token may remain valid for a limited time after logging...

8.1CVSS9.6AI score0.00587EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/08/03 2:0 p.m.2 views

CVE-2022-35728

In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ version 8.x before 8.2.0 and all versions of 7.x, an authenticated user's iControl REST token may remain valid for a limited time after logging...

9.8CVSS7.3AI score0.00587EPSS
Exploits0References2Affected Software2
Tenable Nessus
Tenable Nessus
added 2022/08/03 12:0 a.m.41 views

F5 Networks BIG-IP : iControl REST vulnerability (K55580033)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.1 / 15.1.6.1 / 16.1.3.1 / 17.0.0.1 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K55580033 advisory. - In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before...

9.8CVSS8.3AI score0.00587EPSS
Exploits0References2
Rows per page
Query Builder