CVE-2022-27806 (GCVE-0-2022-27806)

Vulnerability from cvelistv5 – Published: 2022-05-05 16:29 – Updated: 2024-09-17 01:36
VLAI?
Summary
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF, ASM, and ASM, and F5 BIG-IP Guided Configuration (GC) all versions prior to 9.0, when running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing command injection vulnerabilities in undisclosed URIs in F5 BIG-IP Guided Configuration. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Severity ?
8.7 (High)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
CWE
  • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
f5
References
Impacted products
Vendor Product Version
F5 BIG-IP (Advanced WAF, APM, ASM) Affected: 16.1.x
Affected: 15.1.x
Affected: 14.1.x
Affected: 13.1.x
Affected: 12.1.x
Affected: 11.6.x
Unaffected: 17.0.0 , < 17.0.x* (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T05:32:59.981Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K68647001"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP (Advanced WAF, APM, ASM)",
          "vendor": "F5",
          "versions": [
            {
              "status": "affected",
              "version": "16.1.x"
            },
            {
              "status": "affected",
              "version": "15.1.x"
            },
            {
              "status": "affected",
              "version": "14.1.x"
            },
            {
              "status": "affected",
              "version": "13.1.x"
            },
            {
              "status": "affected",
              "version": "12.1.x"
            },
            {
              "status": "affected",
              "version": "11.6.x"
            },
            {
              "lessThan": "17.0.x*",
              "status": "unaffected",
              "version": "17.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "BIG-IP Guided Configuration (GC)",
          "vendor": "F5",
          "versions": [
            {
              "lessThan": "9.0",
              "status": "affected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-05-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF, ASM, and ASM, and F5 BIG-IP Guided Configuration (GC) all versions prior to 9.0, when running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing command injection vulnerabilities in undisclosed URIs in F5 BIG-IP Guided Configuration. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-05T16:29:58",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.f5.com/csp/article/K68647001"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "DATE_PUBLIC": "2022-05-04T14:00:00.000Z",
          "ID": "CVE-2022-27806",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP (Advanced WAF, APM, ASM)",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "17.0.x",
                            "version_value": "17.0.0"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "16.1.x",
                            "version_value": "16.1.x"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "15.1.x",
                            "version_value": "15.1.x"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "14.1.x",
                            "version_value": "14.1.x"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "13.1.x",
                            "version_value": "13.1.x"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "12.1.x",
                            "version_value": "12.1.x"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "11.6.x",
                            "version_value": "11.6.x"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "BIG-IP Guided Configuration (GC)",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "All",
                            "version_value": "9.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF, ASM, and ASM, and F5 BIG-IP Guided Configuration (GC) all versions prior to 9.0, when running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing command injection vulnerabilities in undisclosed URIs in F5 BIG-IP Guided Configuration. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K68647001",
              "refsource": "MISC",
              "url": "https://support.f5.com/csp/article/K68647001"
            }
          ]
        },
        "source": {
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2022-27806",
    "datePublished": "2022-05-05T16:29:58.078244Z",
    "dateReserved": "2022-04-19T00:00:00",
    "dateUpdated": "2024-09-17T01:36:21.373Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5491BC3C-EE0C-43FA-B870-BBF9FC4FADB2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41408E51-04CC-4208-9DBA-0A5A90EFC7A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C90F3BA6-6466-48C5-A621-B44549419496\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"79A3A605-EBE9-4C50-B6F4-5FBD385FA8B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3E688B1-28C4-4F9A-9474-381FD22E792D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25DAD24A-2D43-498E-BC43-183B669EA1FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B25A33B9-2485-4D80-8F49-9B4688A39345\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D3E81E7-3E6A-46AD-827D-14046D93144E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9416AE8-7C48-4986-99E8-5F313715B6B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCA6CE41-1D13-4A7A-94D8-C0D5740870A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29041413-B405-42A6-B9E9-A3E7C3AC1CB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F0C4673-2F1D-45B6-BC18-83EF68BA3601\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0148360C-1167-4FF9-B231-3D53890BD932\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"214D3CD8-6A1A-4119-B107-0363D34B3458\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6CA06267-4A87-4249-8A08-5A78BDCEE884\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF96CE38-E834-475C-92AD-97D904D8F831\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"702ACADF-C7FF-43C9-89A9-5F464718F800\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7E9747B-6167-4E8B-AF48-AA55C900C872\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B0CB7DF-0C05-409E-9BE1-587717BD2563\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7341E8FE-A103-4818-B38C-CCF2710C999B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"410A7A93-500B-4CBB-8841-16E7DE4101DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"441413AF-290D-43DF-B41E-61DB3598BEB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE4838A8-A7AD-44EE-A5CC-48A32C0E456A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"598EE8AB-76D3-464E-B8C3-47533A22F879\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"206EB22C-AC2A-4A4E-8531-98E43EF497DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"769F8D7B-2052-4205-B255-9842A22DF963\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F55C04B-A248-47C1-8EF5-933E4CFBB3A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BDE52157-F1BB-4BCA-B582-48D826BBD0E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD2EF76F-9A4D-4DEC-B7F6-ED7DAA16766D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F14F4EE-8E16-4E0C-8FAE-5846323DD379\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E330DBEF-9020-49C1-886F-E661334BCC2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48D32035-7284-4D22-A243-CFEA5B01734B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"927D1FD4-47F3-4A72-A360-B996892C2E47\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55D6DDE1-8168-4681-8B68-3A3F47090994\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E09B41FA-2A79-447A-9C91-85FFD8099C79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E031E7B7-C66C-4BC7-9BB8-F42A2B9517AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5FDBD38-369B-4007-8D9A-B65B83B2AABD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:13.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"69F18D98-3C29-4012-8A3A-0D7FB55F5735\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:13.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"168FDFB8-CD1F-49C7-89BB-87278795E582\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:13.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0BAFFCAB-144B-4C2F-88F8-D35930012F44\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:13.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D030F54-8F3E-4844-8B51-B93A31805010\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"907FEE11-DF3B-4BE7-9BAE-5F6BE20E469D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:14.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49C435C8-DA39-41AF-9E42-AE50C96F9C66\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:14.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"817F7B3C-1CAC-4BD3-BD1A-C271C9516701\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B89FE04-D25D-4FF0-9421-B8BED0F77997\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:15.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14612AC5-945C-4402-AFF0-5FCE11B7C785\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:15.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A03DD77-08C8-482F-8F79-48396ED0BF1C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:15.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"219F951F-C59B-4844-8558-6D07D067DF7E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:15.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE8FA530-5502-4FE1-A234-5E313D71B931\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:15.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6578F36C-12EF-49E4-9012-2ECCE8770A92\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:15.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"00141CBE-3AF5-40C3-B9D6-E9E61CFABECB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:16.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56FC4AD6-EC04-4BC0-8B13-6AE9805AA8F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:16.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1BC7E64-0621-487A-A612-C82CC040FD90\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:16.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46203B9C-8815-44FC-809B-A24F988CC5AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_guided_configuration:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"9.0\", \"matchCriteriaId\": \"454B3BCD-6FD1-4F88-B6AF-7DEB4F7FECAE\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF, ASM, and ASM, and F5 BIG-IP Guided Configuration (GC) all versions prior to 9.0, when running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing command injection vulnerabilities in undisclosed URIs in F5 BIG-IP Guided Configuration. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated\"}, {\"lang\": \"es\", \"value\": \"En todas las versiones de 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x y 11.6.x de F5 BIG-IP Advanced WAF, ASM y ASM, y F5 BIG-IP Guided Configuration (GC) todas las versiones anteriores a 9.0, cuando es ejecutado en modo Appliance, un atacante autenticado al que le haya sido asignado el rol de Administrador puede ser capaz de omitir las restricciones del modo Appliance, usando vulnerabilidades de inyecci\\u00f3n de comandos en URIs no reveladas en F5 BIG-IP Guided Configuration. Nota: Las versiones de software que han alcanzado el Fin de Soporte T\\u00e9cnico (EoTS) no son evaluadas\"}]",
      "id": "CVE-2022-27806",
      "lastModified": "2024-11-21T06:56:13.683",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"f5sirt@f5.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N\", \"baseScore\": 8.7, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 5.8}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 6.8, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-05-05T17:15:13.620",
      "references": "[{\"url\": \"https://support.f5.com/csp/article/K68647001\", \"source\": \"f5sirt@f5.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.f5.com/csp/article/K68647001\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "f5sirt@f5.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"f5sirt@f5.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-77\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-27806\",\"sourceIdentifier\":\"f5sirt@f5.com\",\"published\":\"2022-05-05T17:15:13.620\",\"lastModified\":\"2024-11-21T06:56:13.683\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF, ASM, and ASM, and F5 BIG-IP Guided Configuration (GC) all versions prior to 9.0, when running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing command injection vulnerabilities in undisclosed URIs in F5 BIG-IP Guided Configuration. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated\"},{\"lang\":\"es\",\"value\":\"En todas las versiones de 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x y 11.6.x de F5 BIG-IP Advanced WAF, ASM y ASM, y F5 BIG-IP Guided Configuration (GC) todas las versiones anteriores a 9.0, cuando es ejecutado en modo Appliance, un atacante autenticado al que le haya sido asignado el rol de Administrador puede ser capaz de omitir las restricciones del modo Appliance, usando vulnerabilidades de inyecci\u00f3n de comandos en URIs no reveladas en F5 BIG-IP Guided Configuration. Nota: Las versiones de software que han alcanzado el Fin de Soporte T\u00e9cnico (EoTS) no son evaluadas\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"f5sirt@f5.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":5.8},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:P/I:P/A:P\",\"baseScore\":6.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":6.8,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"f5sirt@f5.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5491BC3C-EE0C-43FA-B870-BBF9FC4FADB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41408E51-04CC-4208-9DBA-0A5A90EFC7A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C90F3BA6-6466-48C5-A621-B44549419496\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79A3A605-EBE9-4C50-B6F4-5FBD385FA8B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3E688B1-28C4-4F9A-9474-381FD22E792D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25DAD24A-2D43-498E-BC43-183B669EA1FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B25A33B9-2485-4D80-8F49-9B4688A39345\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D3E81E7-3E6A-46AD-827D-14046D93144E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9416AE8-7C48-4986-99E8-5F313715B6B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCA6CE41-1D13-4A7A-94D8-C0D5740870A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29041413-B405-42A6-B9E9-A3E7C3AC1CB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F0C4673-2F1D-45B6-BC18-83EF68BA3601\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0148360C-1167-4FF9-B231-3D53890BD932\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"214D3CD8-6A1A-4119-B107-0363D34B3458\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CA06267-4A87-4249-8A08-5A78BDCEE884\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF96CE38-E834-475C-92AD-97D904D8F831\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"702ACADF-C7FF-43C9-89A9-5F464718F800\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7E9747B-6167-4E8B-AF48-AA55C900C872\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B0CB7DF-0C05-409E-9BE1-587717BD2563\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7341E8FE-A103-4818-B38C-CCF2710C999B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"410A7A93-500B-4CBB-8841-16E7DE4101DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"441413AF-290D-43DF-B41E-61DB3598BEB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE4838A8-A7AD-44EE-A5CC-48A32C0E456A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"598EE8AB-76D3-464E-B8C3-47533A22F879\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"206EB22C-AC2A-4A4E-8531-98E43EF497DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"769F8D7B-2052-4205-B255-9842A22DF963\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F55C04B-A248-47C1-8EF5-933E4CFBB3A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDE52157-F1BB-4BCA-B582-48D826BBD0E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD2EF76F-9A4D-4DEC-B7F6-ED7DAA16766D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F14F4EE-8E16-4E0C-8FAE-5846323DD379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E330DBEF-9020-49C1-886F-E661334BCC2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48D32035-7284-4D22-A243-CFEA5B01734B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"927D1FD4-47F3-4A72-A360-B996892C2E47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55D6DDE1-8168-4681-8B68-3A3F47090994\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E09B41FA-2A79-447A-9C91-85FFD8099C79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E031E7B7-C66C-4BC7-9BB8-F42A2B9517AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5FDBD38-369B-4007-8D9A-B65B83B2AABD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:13.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69F18D98-3C29-4012-8A3A-0D7FB55F5735\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:13.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"168FDFB8-CD1F-49C7-89BB-87278795E582\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:13.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BAFFCAB-144B-4C2F-88F8-D35930012F44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:13.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D030F54-8F3E-4844-8B51-B93A31805010\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"907FEE11-DF3B-4BE7-9BAE-5F6BE20E469D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:14.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49C435C8-DA39-41AF-9E42-AE50C96F9C66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:14.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"817F7B3C-1CAC-4BD3-BD1A-C271C9516701\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B89FE04-D25D-4FF0-9421-B8BED0F77997\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:15.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14612AC5-945C-4402-AFF0-5FCE11B7C785\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:15.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A03DD77-08C8-482F-8F79-48396ED0BF1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:15.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"219F951F-C59B-4844-8558-6D07D067DF7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:15.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE8FA530-5502-4FE1-A234-5E313D71B931\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:15.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6578F36C-12EF-49E4-9012-2ECCE8770A92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:15.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00141CBE-3AF5-40C3-B9D6-E9E61CFABECB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:16.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56FC4AD6-EC04-4BC0-8B13-6AE9805AA8F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:16.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1BC7E64-0621-487A-A612-C82CC040FD90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:16.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46203B9C-8815-44FC-809B-A24F988CC5AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_guided_configuration:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.0\",\"matchCriteriaId\":\"454B3BCD-6FD1-4F88-B6AF-7DEB4F7FECAE\"}]}]}],\"references\":[{\"url\":\"https://support.f5.com/csp/article/K68647001\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K68647001\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.