CVE-2022-27806: Command Injection
First published: Thu May 05 2022(Updated: )
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF, ASM, and ASM, and F5 BIG-IP Guided Configuration (GC) all versions prior to 9.0, when running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing command injection vulnerabilities in undisclosed URIs in F5 BIG-IP Guided Configuration. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Credit: f5sirt@f5.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 BIG-IP Access Policy Manager | =13.1.0 | |
| F5 BIG-IP Access Policy Manager | =13.1.1 | |
| F5 BIG-IP Access Policy Manager | =13.1.3 | |
| F5 BIG-IP Access Policy Manager | =13.1.4 | |
| F5 BIG-IP Access Policy Manager | =13.1.5 | |
| F5 BIG-IP Access Policy Manager | =14.1.0 | |
| F5 BIG-IP Access Policy Manager | =14.1.2 | |
| F5 BIG-IP Access Policy Manager | =14.1.3 | |
| F5 BIG-IP Access Policy Manager | =14.1.4 | |
| F5 BIG-IP Access Policy Manager | =15.1.0 | |
| F5 BIG-IP Access Policy Manager | =15.1.1 | |
| F5 BIG-IP Access Policy Manager | =15.1.2 | |
| F5 BIG-IP Access Policy Manager | =15.1.3 | |
| F5 BIG-IP Access Policy Manager | =15.1.4 | |
| F5 BIG-IP Access Policy Manager | =15.1.5 | |
| F5 BIG-IP Access Policy Manager | =16.1.0 | |
| F5 BIG-IP Access Policy Manager | =16.1.1 | |
| F5 BIG-IP Access Policy Manager | =16.1.2 | |
| F5 Big-ip Advanced Web Application Firewall | =13.1.0 | |
| F5 Big-ip Advanced Web Application Firewall | =13.1.1 | |
| F5 Big-ip Advanced Web Application Firewall | =13.1.3 | |
| F5 Big-ip Advanced Web Application Firewall | =13.1.4 | |
| F5 Big-ip Advanced Web Application Firewall | =13.1.5 | |
| F5 Big-ip Advanced Web Application Firewall | =14.1.0 | |
| F5 Big-ip Advanced Web Application Firewall | =14.1.2 | |
| F5 Big-ip Advanced Web Application Firewall | =14.1.3 | |
| F5 Big-ip Advanced Web Application Firewall | =14.1.4 | |
| F5 Big-ip Advanced Web Application Firewall | =15.1.0 | |
| F5 Big-ip Advanced Web Application Firewall | =15.1.1 | |
| F5 Big-ip Advanced Web Application Firewall | =15.1.2 | |
| F5 Big-ip Advanced Web Application Firewall | =15.1.3 | |
| F5 Big-ip Advanced Web Application Firewall | =15.1.4 | |
| F5 Big-ip Advanced Web Application Firewall | =15.1.5 | |
| F5 Big-ip Advanced Web Application Firewall | =16.1.0 | |
| F5 Big-ip Advanced Web Application Firewall | =16.1.1 | |
| F5 Big-ip Advanced Web Application Firewall | =16.1.2 | |
| F5 BIG-IP Application Security Manager | =13.1.0 | |
| F5 BIG-IP Application Security Manager | =13.1.1 | |
| F5 BIG-IP Application Security Manager | =13.1.3 | |
| F5 BIG-IP Application Security Manager | =13.1.4 | |
| F5 BIG-IP Application Security Manager | =13.1.5 | |
| F5 BIG-IP Application Security Manager | =14.1.0 | |
| F5 BIG-IP Application Security Manager | =14.1.2 | |
| F5 BIG-IP Application Security Manager | =14.1.3 | |
| F5 BIG-IP Application Security Manager | =14.1.4 | |
| F5 BIG-IP Application Security Manager | =15.1.0 | |
| F5 BIG-IP Application Security Manager | =15.1.1 | |
| F5 BIG-IP Application Security Manager | =15.1.2 | |
| F5 BIG-IP Application Security Manager | =15.1.3 | |
| F5 BIG-IP Application Security Manager | =15.1.4 | |
| F5 BIG-IP Application Security Manager | =15.1.5 | |
| F5 BIG-IP Application Security Manager | =16.1.0 | |
| F5 BIG-IP Application Security Manager | =16.1.1 | |
| F5 BIG-IP Application Security Manager | =16.1.2 | |
| F5 BIG-IP Guided Configuration | <9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-27806?
The severity of CVE-2022-27806 is rated as high with a CVSS score of 7.2.
Which versions of F5 BIG-IP Advanced WAF ASM are affected by CVE-2022-27806?
Versions 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF ASM are affected by CVE-2022-27806.
How can an authenticated attacker exploit CVE-2022-27806?
An authenticated attacker assigned the Administrator role may be able to bypass Appliance mode in F5 BIG-IP Advanced WAF ASM.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/f5
- canonical/f5 big-ip access policy manager
- version/f5 big-ip access policy manager/13.1.0
- version/f5 big-ip access policy manager/13.1.1
- version/f5 big-ip access policy manager/13.1.3
- version/f5 big-ip access policy manager/13.1.4
- version/f5 big-ip access policy manager/13.1.5
- version/f5 big-ip access policy manager/14.1.0
- version/f5 big-ip access policy manager/14.1.2
- version/f5 big-ip access policy manager/14.1.3
- version/f5 big-ip access policy manager/14.1.4
- version/f5 big-ip access policy manager/15.1.0
- version/f5 big-ip access policy manager/15.1.1
- version/f5 big-ip access policy manager/15.1.2
- version/f5 big-ip access policy manager/15.1.3
- version/f5 big-ip access policy manager/15.1.4
- version/f5 big-ip access policy manager/15.1.5
- version/f5 big-ip access policy manager/16.1.0
- version/f5 big-ip access policy manager/16.1.1
- version/f5 big-ip access policy manager/16.1.2
- canonical/f5 big-ip advanced web application firewall
- version/f5 big-ip advanced web application firewall/13.1.0
- version/f5 big-ip advanced web application firewall/13.1.1
- version/f5 big-ip advanced web application firewall/13.1.3
- version/f5 big-ip advanced web application firewall/13.1.4
- version/f5 big-ip advanced web application firewall/13.1.5
- version/f5 big-ip advanced web application firewall/14.1.0
- version/f5 big-ip advanced web application firewall/14.1.2
- version/f5 big-ip advanced web application firewall/14.1.3
- version/f5 big-ip advanced web application firewall/14.1.4
- version/f5 big-ip advanced web application firewall/15.1.0
- version/f5 big-ip advanced web application firewall/15.1.1
- version/f5 big-ip advanced web application firewall/15.1.2
- version/f5 big-ip advanced web application firewall/15.1.3
- version/f5 big-ip advanced web application firewall/15.1.4
- version/f5 big-ip advanced web application firewall/15.1.5
- version/f5 big-ip advanced web application firewall/16.1.0
- version/f5 big-ip advanced web application firewall/16.1.1
- version/f5 big-ip advanced web application firewall/16.1.2
- canonical/f5 big-ip application security manager
- version/f5 big-ip application security manager/13.1.0
- version/f5 big-ip application security manager/13.1.1
- version/f5 big-ip application security manager/13.1.3
- version/f5 big-ip application security manager/13.1.4
- version/f5 big-ip application security manager/13.1.5
- version/f5 big-ip application security manager/14.1.0
- version/f5 big-ip application security manager/14.1.2
- version/f5 big-ip application security manager/14.1.3
- version/f5 big-ip application security manager/14.1.4
- version/f5 big-ip application security manager/15.1.0
- version/f5 big-ip application security manager/15.1.1
- version/f5 big-ip application security manager/15.1.2
- version/f5 big-ip application security manager/15.1.3
- version/f5 big-ip application security manager/15.1.4
- version/f5 big-ip application security manager/15.1.5
- version/f5 big-ip application security manager/16.1.0
- version/f5 big-ip application security manager/16.1.1
- version/f5 big-ip application security manager/16.1.2
- canonical/f5 big-ip guided configuration