QID 376291: F5 BIG-IP Application Security Manager (ASM) and Advanced Web Application Firewall (WAF) REST API endpoint Vulnerability (K08402414)
An authenticated user with low privileges, such as a guest, can upload data using an undisclosed REST endpoint causing an increase in disk resource utilization.CVE-2022-23026
Vulnerable Component: BIG-IP ASM
16.0.0 - 16.1.1
15.1.0 - 15.1.4
14.1.0 - 14.1.4
13.1.0 - 13.1.4
12.1.0 - 12.1.6
QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.
An authenticated user with low privileges, such as a guest, may exploit this vulnerability to increase disk utilization, which may cause the Configuration utility to fail to function as expected. There is no data plane exposure; this is a control plane issue only.
- K08402414 - support.f5.com/csp/article/K08402414
CVEs related to QID 376291