A format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: f5

Published: 2023-02-01T17:54:46.798Z

Updated: 2024-08-02T10:07:06.534Z

Reserved: 2023-01-13T06:43:37.145Z

Link: CVE-2023-22374

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-02-01T18:15:11.363

Modified: 2024-11-21T07:44:39.350

Link: CVE-2023-22374

cve-icon Redhat

No data.