F5 Products Multiple Vulnerabilities
RISK: Extremely High Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in F5 Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, sensitive information disclosure, data manipulation, cross-site scripting and security restriction bypass on the targeted system.
[Updated on 2022-05-10] CVE-2022-1388 is being exploited in the wild. Exploitation of CVE-2022-1388 may trigger remote code execution vulnerability. The risk level is changed from medium risk to extremely high risk correspondingly. HKCERT urges users and administrators to review the security update pages for the affected products and apply the related updates as soon as possible.
Impact
- Cross-Site Scripting
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
- Data Manipulation
System / Technologies affected
Please refer to the link below for detail:
https://support.f5.com/csp/article/K55879220
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
Vulnerability Identifier
- CVE-2022-1388
- CVE-2022-1389
- CVE-2022-1468
- CVE-2022-25946
- CVE-2022-25990
- CVE-2022-26071
- CVE-2022-26130
- CVE-2022-26340
- CVE-2022-26370
- CVE-2022-26372
- CVE-2022-26415
- CVE-2022-26517
- CVE-2022-26835
- CVE-2022-26890
- CVE-2022-27181
- CVE-2022-27182
- CVE-2022-27189
- CVE-2022-27230
- CVE-2022-27495
- CVE-2022-27634
- CVE-2022-27636
- CVE-2022-27659
- CVE-2022-27662
- CVE-2022-27806
- CVE-2022-27875
- CVE-2022-27878
- CVE-2022-27880
- CVE-2022-28691
- CVE-2022-28695
- CVE-2022-28701
- CVE-2022-28705
- CVE-2022-28706
- CVE-2022-28707
- CVE-2022-28708
- CVE-2022-28714
- CVE-2022-28716
- CVE-2022-28859
- CVE-2022-29263
- CVE-2022-29473
- CVE-2022-29474
- CVE-2022-29479
- CVE-2022-29480
- CVE-2022-29491
Source
Related Link
Related Tags
Share with