Known Vulnerabilities for Big-iq Centralized Management by F5
Listed below are 10 of the newest known vulnerabilities associated with "Big-iq Centralized Management" by "F5".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-43485 json | When TACACS+ audit forwarding is configured on BIG-IP or BIG-IQ system, sharedsecret is logged in plaintext in the audit log... | 5.5 - MEDIUM | 2023-10-10 | 2023-10-17 |
| CVE-2023-41964 json | The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB) variables. Note: Softwar... | 6.5 - MEDIUM | 2023-10-10 | 2023-10-17 |
| CVE-2023-38419 json | An authenticated attacker with guest privileges or higher can cause the iControl SOAP process to terminate by sending undiscl... | 4.3 - MEDIUM | 2023-08-02 | 2023-08-07 |
| CVE-2023-29240 json | An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ can upload arbitrary files using an undisclosed iCont... | 5.4 - MEDIUM | 2023-05-03 | 2023-05-10 |
| CVE-2022-41770 json | In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all vers... | 6.5 - MEDIUM | 2022-10-19 | 2022-10-24 |
| CVE-2022-41622 json | In all versions, BIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: S... | 8.8 - HIGH | 2022-12-07 | 2023-11-07 |
| CVE-2022-35728 json | In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all ve... | 9.8 - CRITICAL | 2022-08-04 | 2022-08-10 |
| CVE-2022-34851 json | In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all ve... | 6.5 - MEDIUM | 2022-08-04 | 2022-08-10 |
| CVE-2022-34844 json | In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, and all versions of BIG-IQ 8.x, when the Data Plane Dev... | 7.5 - HIGH | 2022-08-04 | 2022-08-10 |
| CVE-2022-29479 json | On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all v... | 5.3 - MEDIUM | 2022-05-05 | 2022-05-12 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | F5 | Big-iq Centralized Management | 7.1.0.1 | |||
| Application | F5 | Big-iq Centralized Management | 7.1.0 | |||
| Application | F5 | Big-iq Centralized Management | 7.0.0 | |||
| Application | F5 | Big-iq Centralized Management | 6.1.0 | |||
| Application | F5 | Big-iq Centralized Management | 6.0.1 | |||
| Application | F5 | Big-iq Centralized Management | 6.0.0 | |||
| Application | F5 | Big-iq Centralized Management | 5.4.0 | |||
| Application | F5 | Big-iq Centralized Management | 5.3.0 | |||
| Application | F5 | Big-iq Centralized Management | 5.2.0 | |||
| Application | F5 | Big-iq Centralized Management | 5.1.0 | |||
| Application | F5 | Big-iq Centralized Management | 5.0.0 | |||
| Application | F5 | Big-iq Centralized Management | 4.6.0 |