Vulnerability in F5 BIG-IP May Cause DoS and Code Execution

An authenticated attacker could use a high-severity format string vulnerability in BIG-IP to cause a denial-of-service (DoS) condition and possibly execute arbitrary code, according to a warning from F5. The security flaw, identified as CVE-2023-22374, affects iControl SOAP, an open API that permits system communication and is run as root. Administrative accounts are the only […]

accounts api big big-ip breaches code code execution communication cve dos flaw format string high icontrol identity and access management (iam) malware and vulnerabilities may news & analysis root run security service severity soap system threat intelligence vulnerability warning