Statements (23)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:security
|
| gptkbp:affected_component |
gptkb:iControl_REST
|
| gptkbp:affects |
gptkb:F5_BIG-IP
|
| gptkbp:attack_vector |
gptkb:network_protocol
|
| gptkbp:CWE_ID |
gptkb:CWE-306
|
| gptkbp:describes |
A vulnerability in F5 BIG-IP iControl REST that allows unauthenticated attackers to execute arbitrary system commands.
|
| gptkbp:exploits |
yes
|
| gptkbp:hasCVSSScore |
9.8
|
| gptkbp:impact |
complete system compromise
|
| gptkbp:mainVendors |
gptkb:F5_Networks
|
| gptkbp:patchedBy |
gptkb:F5_BIG-IP_12.1.6.2
gptkb:F5_BIG-IP_13.1.5 gptkb:F5_BIG-IP_14.1.4.6 gptkb:F5_BIG-IP_15.1.5.1 gptkb:F5_BIG-IP_16.1.2.2 |
| gptkbp:publicationDate |
2022-05-04
|
| gptkbp:requires_authentication |
no
|
| gptkbp:vulnerableTo |
gptkb:CVE-2022-1388
remote code execution authentication bypass |
| gptkbp:bfsParent |
gptkb:MHCHAOS
|
| gptkbp:bfsLayer |
6
|
| https://www.w3.org/2000/01/rdf-schema#label |
CVE-2022-1388
|