PT-2022-13910 · F5 · F5 Big-Ip
Published
2022-05-05
·
Updated
2022-05-16
·
CVE-2022-1468
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
F5 BIG-IP versions 11.6.x through 17.0.x
Description
An issue exists where an authenticated iControl REST user with at least guest role privileges can cause processing delays to iControl REST requests.
Recommendations
For versions 11.6.x through 17.0.x, consider restricting access to the iControl REST interface to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
F5 Big-Ip