A format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://my.f5.com/manage/s/article/K000130415 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: f5
Published: 2023-02-01T17:54:46.798Z
Updated: 2024-08-02T10:07:06.534Z
Reserved: 2023-01-13T06:43:37.145Z
Link: CVE-2023-22374
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-02-01T18:15:11.363
Modified: 2024-11-21T07:44:39.350
Link: CVE-2023-22374
Redhat
No data.