F5-K000133472
First published: Wed Aug 02 2023(Updated: )
An authenticated attacker with guest privileges or higher can cause the iControl SOAP process to terminate by sending undisclosed requests.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 BIG-IP and BIG-IQ Centralized Management | >=17.0.0<=17.1.0 | 17.1.0.2 |
| F5 BIG-IP and BIG-IQ Centralized Management | >=16.1.0<=16.1.3 | 16.1.3.5 |
| F5 BIG-IP and BIG-IQ Centralized Management | >=15.1.0<=15.1.9 | 15.1.9.1 |
| F5 BIG-IP and BIG-IQ Centralized Management | >=14.1.0<=14.1.5 | 14.1.5.5 |
| F5 BIG-IP and BIG-IQ Centralized Management | >=13.1.0<=13.1.5 | |
| F5 BIG-IP and BIG-IQ Centralized Management | >=8.2.0<=8.3.0 | 3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of F5-K000133472?
The severity of F5-K000133472 is categorized as a high-risk vulnerability that allows attackers to disrupt the iControl SOAP process.
How do I fix F5-K000133472?
To fix F5-K000133472, you should upgrade to the appropriate patched version of F5 BIG-IP or BIG-IQ Centralized Management as specified in the advisory.
Who is affected by F5-K000133472?
F5-K000133472 affects users of F5 BIG-IP and F5 BIG-IQ Centralized Management running specific vulnerable versions listed in the advisory.
What types of attacks can exploit F5-K000133472?
Authenticated attackers with guest privileges or higher can exploit F5-K000133472 by sending specific undisclosed requests to terminate the iControl SOAP process.
What are the potential impacts of F5-K000133472?
The potential impacts of F5-K000133472 include service disruption and degradation in the functionality of the affected systems.
- agent/references
- agent/last-modified-date
- agent/severity
- agent/softwarecombine
- agent/first-publish-date
- agent/event
- agent/type
- agent/description
- agent/source
- agent/tags
- collector/f5-advisory
- source/F5
- alias/CVE-2023-38419
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/f5
- canonical/f5 big-ip and big-iq centralized management
- version/f5 big-ip and big-iq centralized management/17.0.0
- version/f5 big-ip and big-iq centralized management/17.1.0
- version/f5 big-ip and big-iq centralized management/16.1.0
- version/f5 big-ip and big-iq centralized management/16.1.3
- version/f5 big-ip and big-iq centralized management/15.1.0
- version/f5 big-ip and big-iq centralized management/15.1.9
- version/f5 big-ip and big-iq centralized management/14.1.0
- version/f5 big-ip and big-iq centralized management/14.1.5
- version/f5 big-ip and big-iq centralized management/13.1.0
- version/f5 big-ip and big-iq centralized management/13.1.5
- version/f5 big-ip and big-iq centralized management/8.2.0
- version/f5 big-ip and big-iq centralized management/8.3.0