Lucene search

C807D3D7-EF10-5C00-8252-C9F4B2A7F1F3

HistoryMay 10, 2022 - 8:44 a.m.

Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager

2022-05-1008:44:24

184

f5 big-ip

vulnerability

authentication

network access

arbitrary commands

file manipulation

service disablement

mitigation

icontrol rest

management interface

cve-2022-1388

exploit

upgrade

rest access

references

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.975

Percentile

100.0%

JSON

BIG-IP iControl REST vulnerability CVE-2022-1388 PoC

![f5logo…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.975

Percentile

100.0%

JSON

Related for C807D3D7-EF10-5C00-8252-C9F4B2A7F1F3