When running in appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint on multi-bladed systems. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| F5 |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
Configuration 3 [-]
|
Configuration 4 [-]
|
Configuration 5 [-]
|
Configuration 6 [-]
|
Configuration 7 [-]
|
Configuration 8 [-]
|
Configuration 9 [-]
|
Configuration 10 [-]
|
Configuration 11 [-]
|
Configuration 12 [-]
|
No data.
No data.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-19689 | When running in appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint on multi-bladed systems. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
| Link | Providers |
|---|---|
| https://my.f5.com/manage/s/article/K000137522 |
|
History
Fri, 02 May 2025 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 23 Jan 2025 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
F5
F5 big-ip Access Policy Manager F5 big-ip Advanced Firewall Manager F5 big-ip Analytics F5 big-ip Application Acceleration Manager F5 big-ip Application Security Manager F5 big-ip Domain Name System F5 big-ip Fraud Protection Service F5 big-ip Global Traffic Manager F5 big-ip Link Controller F5 big-ip Local Traffic Manager F5 big-ip Policy Enforcement Manager F5 big-iq Centralized Management |
|
| CPEs | cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:* cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
F5
F5 big-ip Access Policy Manager F5 big-ip Advanced Firewall Manager F5 big-ip Analytics F5 big-ip Application Acceleration Manager F5 big-ip Application Security Manager F5 big-ip Domain Name System F5 big-ip Fraud Protection Service F5 big-ip Global Traffic Manager F5 big-ip Link Controller F5 big-ip Local Traffic Manager F5 big-ip Policy Enforcement Manager F5 big-iq Centralized Management |
MITRE
Status: PUBLISHED
Assigner: f5
Published:
Updated: 2025-05-02T15:34:34.574Z
Reserved: 2024-02-01T22:13:26.374Z
Link: CVE-2024-22093
Vulnrichment
Updated: 2024-08-01T22:35:34.791Z
NVD
Status : Analyzed
Published: 2024-02-14T17:15:12.607
Modified: 2025-09-05T15:43:00.680
Link: CVE-2024-22093
Redhat
No data.
OpenCVE Enrichment
No data.