Lucene search
F5F5:K59904248HistoryMay 04, 2022 - 12:00 a.m.
K59904248 : iControl SOAP vulnerability CVE-2022-29474
2022-05-0400:00:00
my.f5.com
84
icontrol soap
vulnerability
directory traversal
authenticated attacker
guest role privileges
wsdl files
big-ip
file system
exploit security issue
Security Advisory Description
A directory traversal vulnerability exists in iControl SOAP that allows an authenticated attacker with at least guest role privileges to read wsdl files in the BIG-IP file system. (CVE-2022-29474)
Impact
An authenticated attacker with at least guest role privileges may exploit this vulnerability by sending a crafted request to iControl SOAP. If the exploit is successful, an attacker can read wsdl files in the BIG-IP file system. There is no data plane exposure; this is a control plane issue only.
Related
nessus
nessus
F5 Networks BIG-IP : iControl SOAP vulnerability (K59904248)
2022-05-05 00:00:00
cve
cve
CVE-2022-29474
2022-05-05 17:15:15
cnvd
cnvd
F5 BIG-IP iControl SOAP directory traversal vulnerability
2022-05-07 00:00:00
cvelist
cvelist
CVE-2022-29474
2022-05-05 16:45:00
prion
prion
Directory traversal
2022-05-05 17:15:00
nvd
nvd
CVE-2022-29474
2022-05-05 17:15:15
f5
f5
K55879220 : Overview of F5 vulnerabilities (May 2022)
2022-05-04 00:00:00