In all versions of BIG-IP, when running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing an undisclosed iControl REST endpoint. A successful exploit can allow the malicious user to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
f5 big-ip access policy manager 17.0.0 |
||
f5 big-ip analytics 17.0.0 |
||
f5 big-ip application security manager 17.0.0 |
||
f5 big-ip application acceleration manager 17.0.0 |
||
f5 big-ip policy enforcement manager 17.0.0 |
||
f5 big-ip local traffic manager 17.0.0 |
||
f5 big-ip link controller 17.0.0 |
||
f5 big-ip global traffic manager 17.0.0 |
||
f5 big-ip fraud protection service 17.0.0 |
||
f5 big-ip domain name system 17.0.0 |
||
f5 big-ip analytics |
||
f5 big-ip policy enforcement manager |
||
f5 big-ip local traffic manager |
||
f5 big-ip link controller |
||
f5 big-ip global traffic manager |
||
f5 big-ip fraud protection service |
||
f5 big-ip domain name system |
||
f5 big-ip application security manager |
||
f5 big-ip application acceleration manager |
||
f5 big-ip access policy manager |
||
f5 big-ip advanced firewall manager |
Vulmon