When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing command injection vulnerabilities in undisclosed URIs in F5 BIG-IP Guided Configuration. (CVE-2022-27806)
Impact
In Appliance mode, an authenticated attacker with valid credentials assigned the Administrator role may be able to bypass Appliance mode restrictions. This is a control plane issue; there is no data plane exposure. Appliance mode is enforced by a specific license or may be enabled or disabled for individual Virtual Clustered Multiprocessing (vCMP) guest instances. For more information about Appliance mode, refer to K12815: Overview of Appliance mode.
Note: For BIG-IP ASM Guided Configuration, an additional Advanced WAF license is required for it to be available in the Configuration utility Security menu.