BIG-IQ
Monthly
Incorrect permission assignment in BIG-IP and BIG-IQ TMOS Shell (tmsh) network diagnostics commands and iControl REST allows authenticated attackers to view network status of destination systems. Affected versions vary by product line; vendor has released patches. Authentication is required, limiting exposure to users with valid credentials, but the high confidentiality impact (CVSS 6.5) makes this a material information disclosure risk for organizations managing sensitive network infrastructure.
Arbitrary command execution in F5 BIG-IP and BIG-IQ Certificate Manager allows highly privileged attackers with Certificate Manager role to run OS commands by modifying configuration objects. The vulnerability requires network access and high privileges (PR:H) but enables scope change (S:C) with high confidentiality and integrity impact. Vendor-released patch available per F5 Security Advisory K000160971. EPSS data not provided; no confirmed active exploitation (not in CISA KEV) or public exploit code identified at time of analysis.
Configuration manipulation in F5 BIG-IP and BIG-IQ Certificate Manager allows authenticated attackers with high privileges to execute arbitrary commands with scope change. Attackers holding Certificate Manager role credentials can modify configuration objects to run system commands, escalating from administrative interface access to underlying system control. CVSS 8.7 reflects the scope change (S:C) enabling broader impact than typical privileged command injection. No public exploit identified at time of analysis. F5 has released vendor patches per K000160972.
Incorrect permission assignment in F5 BIG-IP and BIG-IQ TMOS Shell (tmsh) arp and ndp commands, and in BIG-IP iControl REST allows authenticated attackers to view sensitive adjacent network information due to improper access controls. The vulnerability affects multiple product lines and requires valid authentication to exploit, making it a privilege escalation concern for environments where lower-privileged users have access to management interfaces.
Command injection in F5 BIG-IP and BIG-IQ SNMP configuration allows highly privileged Resource Administrators to escalate privileges to root via crafted iControl REST API calls or TMOS shell commands. Despite the high CVSS score (8.7), exploitation requires existing Resource Administrator credentials, significantly limiting real-world attack surface to insider threats or post-compromise scenarios. Vendor-released patches are available per F5 security advisory K000160981.
Authenticated low-privilege users can write arbitrary files to the BIG-IQ system filesystem via path traversal in an undisclosed iControl REST endpoint, enabling system compromise through configuration manipulation or code execution. F5 has released patches for supported versions. While requiring authentication (PR:L), the low complexity (AC:L) and network vector (AV:N) allow remote attackers with minimal access to achieve high integrity and availability impact through file overwrites of critical system or application files.
Remote code execution in F5 BIG-IP and BIG-IQ Configuration utility allows authenticated attackers with low privileges to execute arbitrary code with high impact to confidentiality, integrity, and availability. The vulnerability stems from unsafe deserialization (CWE-502) in the management interface, exploitable over the network with low attack complexity and no user interaction required. Vendor-released patch available per F5 advisory K000156761. No public exploit identified at time of analysis, with CVSS 8.8 indicating critical severity for environments where attackers have valid low-privilege credentials to the Configuration utility.
BIG-IP QKView utility fails to properly sanitize sensitive data in diagnostic files, allowing authenticated attackers to extract confidential information including credentials and system configuration details. The vulnerability affects both BIG-IP and BIG-IQ platforms and requires valid user credentials to exploit, limiting exposure to insider threats and compromised accounts within authorized access tiers.
Sensitive information disclosure in F5 BIG-IP and BIG-IQ allows authenticated administrators with resource administrator role to view confidential data via undisclosed iControl REST endpoints or TMOS Shell commands. The vulnerability requires high-privilege authentication and produces no system modification or availability impact, limiting real-world risk despite network accessibility. Vendor has released patches addressing the information exposure.