Lucene search
China National Vulnerability DatabaseCNVD-2022-55188HistoryAug 03, 2022 - 12:00 a.m.
F5 BIG-IP iControl REST improper privilege management vulnerability
2022-08-0300:00:00
China National Vulnerability Database
www.cnvd.org.cn
16
f5 big-ip
privilege management
icontrol rest
vulnerability
appliance mode
security boundaries
EPSS
0.001
Percentile
42.8%
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. An improper privilege management vulnerability exists in F5 BIG-IP iControl REST, which can be exploited by an authenticated attacker with administrator status when BIG-IP is running in appliance mode to be able to use undisclosed iControl REST endpoints to bypass device mode restrictions and cross security boundaries.
Related
nvd
nvd
CVE-2022-35243
2022-08-04 18:15:10
nessus
nessus
prion
prion
Design/Logic Flaw
2022-08-04 18:15:00
cve
cve
CVE-2022-35243
2022-08-04 18:15:10
f5
f5
K11010341 : Authenticated iControl REST in Appliance mode vulnerability CVE-2022-35243
2022-08-03 00:00:00
K14649763 : Overview of F5 vulnerabilities (August 2022)
2022-08-03 00:00:00
cvelist
cvelist