Big-ip Domain Name System@16.1.3 Security Vulnerabilities and Issues — Big-ip Domain Name System@16.1.3 CVE List

Lucene search

F5Big-ip Domain Name System16.1.3

3 matches found

CVE•added 2022/12/07 4:15 a.m.•307 views

CVE-2022-41622

In all versions, BIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

8.8CVSS8.7AI score0.81263EPSS

In wildWeb

CVE•added 2022/12/07 4:15 a.m.•291 views

CVE-2022-41800

In all versions of BIG-IP, when running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Softwa...

8.7CVSS8.4AI score0.92837EPSS

In wild

CVE•added 2023/02/01 6:15 p.m.•112 views

CVE-2023-22374

A format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary. Note: ...

8.5CVSS8.5AI score0.0501EPSS