The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 22.214.171.124 / 126.96.36.199 / 188.8.131.52 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K59904248 advisory.
– On F5 BIG-IP 16.1.x versions prior to 184.108.40.206, 15.1.x versions prior to 220.127.116.11, 14.1.x versions prior to 18.104.22.168, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, a directory traversal vulnerability exists in iControl SOAP that allows an authenticated attacker with at least guest role privileges to read wsdl files in the BIG-IP file system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated (CVE-2022-29474)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.Read More
Back to Main