Rewterz Threat Advisory – CVE-2022-42898 – Samba Vulnerability

November 17, 2022

Rewterz Threat Advisory – Jenkins Cluster Statistics Plugin Vulnerabilities

November 17, 2022

Rewterz Threat Advisory – CVE-2022-41622 – F5 BIG-IP and BIG-IQ Vulnerability

November 17, 2022

Severity

High

Analysis Summary

CVE-2022-41622

F5 BIG-IP and BIG-IQ is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.

Impact

Gain Access

Indicators Of Compromise

CVE

CVE-2022-41622

Affected Vendors

Affected Products

F5 BIG-IP 13.1.0
F5 BIG-IP 14.1.0
F5 BIG-IP 15.1.0
F5 BIG-IQ Centralized Management 7.1.0
F5 BIG-IQ Centralized Management 8.0.0
F5 BIG-IP 16.1.0
F5 BIG-IP 13.1.5
F5 BIG-IP 17.0.0
F5 BIG-IP 16.1.3
F5 BIG-IP 14.1.5
F5 BIG-IQ Centralized Management 8.2.0
F5 BIG-IP 15.1.8

Remediation

Refer to F5 Security Advisory for patch, upgrade or suggested workaround information.

F5 Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

ClickFix Scheme Used by Russian Hackers to Deploy Espionage Malware – Active IOCs

Cyber Threat Alert: Immediate Action Required on Existing APT Threat Indicators – Active IOCs

Tinba aka TinyBanker Trojan – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – CVE-2022-42898 – Samba Vulnerability

Rewterz Threat Advisory – Jenkins Cluster Statistics Plugin Vulnerabilities

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.