-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathCVE-2022-1388.yaml
35 lines (32 loc) · 958 Bytes
/
CVE-2022-1388.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
id: bigip-icontrol-rest
info:
name: F5 BIG-IP iControl REST Panel
author: MrCl0wnLab
severity: info
description: |
Undisclosed requests may bypass iControl REST authentication.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2022-1388
- https://support.f5.com/csp/article/K23605346
- https://clouddocs.f5.com/products/big-iq/mgmt-api/v5.4/ApiReferences/bigiq_api_ref/r_auth_login.html
metadata:
shodan-query: http.title:"BIG-IP®-+Redirect" +"Server"
classification:
cve-id: CVE-2022-1388
cwe-id: CWE-306
tags: cve,cve2022,bigip,f5icontrol
requests:
- method: GET
path:
- "{{BaseURL}}/mgmt/shared/authn/login"
headers:
User-Agent: "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0"
matchers:
- type: word
part: body
words:
- "resterrorresponse"
- "message"
- type: status
status:
- 401