On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
|
F5
Subscribe
|
Big-ip Access Policy Manager
Subscribe
Big-ip Advanced Firewall Manager
Subscribe
Big-ip Analytics
Subscribe
Big-ip Application Acceleration Manager
Subscribe
Big-ip Application Security Manager
Subscribe
Big-ip Domain Name System
Subscribe
Big-ip Fraud Protection Service
Subscribe
Big-ip Global Traffic Manager
Subscribe
Big-ip Link Controller
Subscribe
Big-ip Local Traffic Manager
Subscribe
Big-ip Policy Enforcement Manager
Subscribe
|
Configuration 1 [-]
|
No data.
No data.
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Wed, 22 Oct 2025 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Tue, 21 Oct 2025 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Tue, 21 Oct 2025 19:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Wed, 29 Jan 2025 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
kev
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: f5
Published:
Updated: 2025-10-21T23:15:40.370Z
Reserved: 2022-04-19T00:00:00.000Z
Link: CVE-2022-1388
Vulnrichment
Updated: 2024-08-03T00:03:06.011Z
NVD
Status : Analyzed
Published: 2022-05-05T17:15:10.570
Modified: 2025-10-27T17:06:48.893
Link: CVE-2022-1388
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses