March 24, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Hive Ransomware – Active IOCs
November 17, 2022Rewterz Threat Advisory – CVE-2022-20928 – Cisco Adaptive Security Appliance Vulnerability
November 18, 2022Rewterz Threat Alert – Hive Ransomware – Active IOCs
November 17, 2022Rewterz Threat Advisory – CVE-2022-20928 – Cisco Adaptive Security Appliance Vulnerability
November 18, 2022
Severity
High
Analysis Summary
CVE-2022-41800
F5 BIG-IP could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw when running in Appliance mode. By sending a specially-crafted request using an iControl REST endpoint, an attacker could exploit this vulnerability to bypass Appliance mode restrictions to cross a security boundary.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2022-41800
Affected Vendors
Node.js
Affected Products
- F5 BIG-IP 13.1.0
- F5 BIG-IP 14.1.0
- F5 BIG-IP (Advanced WAF) 15.1.0
- F5 BIG-IP 16.1.0
- F5 BIG-IP 13.1.5
- F5 BIG-IP 17.0.0
- F5 BIG-IP 16.1.3
- F5 BIG-IP 14.1.5
- F5 BIG-IP 15.1.8
Remediation
Refer to F5 Security Advisory for patch, upgrade or suggested workaround information.