CVE-2022-1388

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published May 5, 2022

Updated: Nov 2, 2023

CWE ID 306

Summary

CVE-2022-1388 is a vulnerability affecting F5 BIG-IP versions 11.6.x and below, as well as 12.1.x, 13.1.x, 14.1.x, and 15.1.x prior to certain patches. These versions have an undisclosed issue where iControl REST authentication may be bypassed through unspecified requests. This weakness could expose systems to potential unauthorized access and manipulation. It is essential to apply the recommended patches to mitigate this risk. Note that software versions beyond their End of Technical Support (EoTS) are not evaluated for this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/mU8UtW
https://www.cve.org/CVERecord?id=CVE-2022-1388
https://nvd.nist.gov/vuln/detail/CVE-2022-1388

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2022-1388

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations