Credit: Yann Lehmann
iControl REST is an evolution of the F5 iControl framework. Through this Representational State Transfer (REST) API, an authenticated user can accomplish anything that can be accomplished from the F5 BIG-IP command line. It is an extremely powerful API.
On May 04, 2022, F5 disclosed a critical CVE, CVE-2022-1388. It may allow an unauthenticated attacker with network access to the management port or the self IP addresses of the BIG-IP system to leverage the iControl REST component, because some requests to iControl REST can bypass the authentication mechanism entirely. Given the capabilities of this component, anyone with network access to the management port or the self IP addresses can execute arbitrary system commands and modify services or files. Given the nature of the iControl REST component, this is a control plane vulnerability that does not expose the data plane.
For additional details on how to identify what could be your impacted systems, please review the attached advisory.
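To help identify which systems expose the two paths the advisory names (the management port and the self IPs), here is an added exposure-audit example written for this post; it is not part of the original advisory or of any F5 tooling. The inventory, device names, addresses and field names are constructed and hypothetical; the lockdown semantics it encodes are the documented F5 defaults (a self IP in "allow-default" mode accepts TCP 443, and an httpd allow list of "all" admits any source on the management port).

```python
import ipaddress

# Constructed sample inventory (hypothetical devices, not real ones): each BIG-IP
# with its management-port httpd allow list and its self IPs with port-lockdown mode.
INVENTORY = [
    {"name": "bigip-a", "mgmt_ip": "10.10.1.5", "httpd_allow": ["all"],
     "self_ips": [{"addr": "192.0.2.10", "lockdown": "allow-default"}]},
    {"name": "bigip-b", "mgmt_ip": "10.10.1.6", "httpd_allow": ["10.10.9.0/24"],
     "self_ips": [{"addr": "192.0.2.11", "lockdown": "allow-none"},
                  {"addr": "192.0.2.12", "lockdown": "allow-custom", "allow_tcp": [4353]}]},
]

def self_ip_exposes_rest(self_ip):
    """True if the self IP's port lockdown admits TCP 443, i.e. iControl REST."""
    mode = self_ip["lockdown"]
    if mode in ("allow-all", "allow-default"):   # allow-default includes HTTPS (443)
        return True
    if mode == "allow-custom":
        return 443 in self_ip.get("allow_tcp", [])
    return False                                  # allow-none admits nothing

def mgmt_exposes_rest(httpd_allow, trusted_nets):
    """True if the management-port httpd allow list admits any untrusted source."""
    if "all" in httpd_allow:                      # factory default: every source allowed
        return True
    trusted = [ipaddress.ip_network(n) for n in trusted_nets]
    for entry in httpd_allow:
        net = ipaddress.ip_network(entry, strict=False)
        if not any(net.subnet_of(t) for t in trusted):
            return True
    return False

def audit(inventory, trusted_nets):
    """Return (device, path, address) triples where iControl REST is reachable
    from outside the trusted administrative networks."""
    findings = []
    for dev in inventory:
        if mgmt_exposes_rest(dev["httpd_allow"], trusted_nets):
            findings.append((dev["name"], "mgmt", dev["mgmt_ip"]))
        for s in dev["self_ips"]:
            if self_ip_exposes_rest(s):
                findings.append((dev["name"], "self-ip", s["addr"]))
    return findings

if __name__ == "__main__":
    # Only the (hypothetical) 10.10.9.0/24 admin network is considered trusted here.
    for name, path, addr in audit(INVENTORY, ["10.10.9.0/24"]):
        print(f"{name}: iControl REST reachable via {path} {addr}")
```

Devices reported by `audit` are the ones whose configuration should be cross-checked against the attached advisory first.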
Should you need further assistance, please contact the Cyber Fusion Center through the MSS Portal or by phone:
North America: 1-866-929-3528
EMEA: +41 58 317 77 77
The Cyber Fusion Center
Kudelski Security is an innovative and independent provider of tailored cybersecurity solutions to enterprises and public sector institutions. Kudelski Security is a division of the Kudelski Group (SIX:KUD.S), which has nearly 4,000 employees in 33 countries around the world. The company has dual headquarters in Phoenix, Arizona, and in Cheseaux-sur-Lausanne, Switzerland, as well as offices in Zurich, Minneapolis, Dallas, and Atlanta.