First published: Wed Feb 01 2023(Updated: )
A format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary.
Affected Software | Affected Version | How to fix |
---|---|---|
F5 BIG-IP | =17.0.0 | 17.1.0 |
F5 BIG-IP | >=16.1.2.2<=16.1.3 | 16.1.3.4 |
F5 BIG-IP | >=15.1.5.1<=15.1.8 | 15.1.8.2 |
F5 BIG-IP | >=14.1.4.6<=14.1.5 | 14.1.5.4 |
F5 BIG-IP | =13.1.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.