CVE-2022-23009

Summary

On BIG-IQ Centralized Management 8.x before 8.1.0, an authenticated administrative role user on a BIG-IQ managed BIG-IP device can access other BIG-IP devices managed by the same BIG-IQ system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected Software

VendorProductVersion RangeStatus
n/aBIG-IQ Centralized Management8.x before 8.1.0affected

Weaknesses

  • CWE-863: CWE-863: Incorrect Authorization

ADP Enrichment

CVE Program Container

Additional References

References