CVE-2022-23026: Malicious File Upload
First published: Tue Jan 25 2022(Updated: )
On BIG-IP ASM & Advanced WAF version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and all versions of 13.1.x and 12.1.x, an authenticated user with low privileges, such as a guest, can upload data using an undisclosed REST endpoint causing an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Credit: f5sirt@f5.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 Big-ip Advanced Web Application Firewall | >=12.1.0<=12.1.6 | |
| F5 Big-ip Advanced Web Application Firewall | >=13.1.0<=13.1.4 | |
| F5 Big-ip Advanced Web Application Firewall | >=14.1.0<=14.1.4 | |
| F5 Big-ip Advanced Web Application Firewall | >=15.1.0<=15.1.4 | |
| F5 Big-ip Advanced Web Application Firewall | >=16.0.0<=16.1.1 | |
| F5 Big-ip Application Acceleration Manager | >=12.1.0<=12.1.6 | |
| F5 Big-ip Application Acceleration Manager | >=13.1.0<=13.1.4 | |
| F5 Big-ip Application Acceleration Manager | >=14.1.0<=14.1.4 | |
| F5 Big-ip Application Acceleration Manager | >=15.1.0<=15.1.4 | |
| F5 Big-ip Application Acceleration Manager | >=16.0.0<=16.1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-23026?
CVE-2022-23026 is a vulnerability in F5 Big-ip Advanced Web Application Firewall and Application Acceleration Manager that allows an authenticated user with low privileges to upload data and consume disk resources.
Which versions of F5 Big-ip Advanced Web Application Firewall and Application Acceleration Manager are affected by CVE-2022-23026?
Versions 12.1.x, 13.1.x, 14.1.x, 15.1.x, and 16.1.x of F5 Big-ip Advanced Web Application Firewall and Application Acceleration Manager are affected by CVE-2022-23026.
How severe is CVE-2022-23026?
CVE-2022-23026 has a severity rating of 4.3, which is considered medium.
What is the Common Weakness Enumeration (CWE) ID for CVE-2022-23026?
The Common Weakness Enumeration (CWE) ID for CVE-2022-23026 is 434.
How can CVE-2022-23026 be fixed?
To fix CVE-2022-23026, it is recommended to upgrade to version 16.1.2, 15.1.4.1, 14.1.4.5, or later of F5 Big-ip Advanced Web Application Firewall and Application Acceleration Manager.
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/event
- vendor/f5
- canonical/f5 big-ip advanced web application firewall
- version/f5 big-ip advanced web application firewall/12.1.0
- version/f5 big-ip advanced web application firewall/12.1.6
- version/f5 big-ip advanced web application firewall/13.1.0
- version/f5 big-ip advanced web application firewall/13.1.4
- version/f5 big-ip advanced web application firewall/14.1.0
- version/f5 big-ip advanced web application firewall/14.1.4
- version/f5 big-ip advanced web application firewall/15.1.0
- version/f5 big-ip advanced web application firewall/15.1.4
- version/f5 big-ip advanced web application firewall/16.0.0
- version/f5 big-ip advanced web application firewall/16.1.1
- canonical/f5 big-ip application acceleration manager
- version/f5 big-ip application acceleration manager/12.1.0
- version/f5 big-ip application acceleration manager/12.1.6
- version/f5 big-ip application acceleration manager/13.1.0
- version/f5 big-ip application acceleration manager/13.1.4
- version/f5 big-ip application acceleration manager/14.1.0
- version/f5 big-ip application acceleration manager/14.1.4
- version/f5 big-ip application acceleration manager/15.1.0
- version/f5 big-ip application acceleration manager/15.1.4
- version/f5 big-ip application acceleration manager/16.0.0
- version/f5 big-ip application acceleration manager/16.1.1