This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
HTTP:MISC:F5-ICONTROL-SOAP-CE
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
HTTP
|
Keywords |
F5 Multiple Products iControl API hostname Remote Command Execution
|
Release Date |
2014/11/17
|
Update Number |
2441
|
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
HTTP: F5 Multiple Products iControl API hostname Remote Command Execution
This signature detects attempts to exploit a known vulnerability against F5 BIG-IP. A successful attack can lead to arbitrary code execution.
Extended Description
Per: http://cwe.mitre.org/data/definitions/77.html
"CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')"
Affected Products
- F5 big-ip_access_policy_manager 10.1.0
- F5 big-ip_access_policy_manager 10.2.0
- F5 big-ip_access_policy_manager 10.2.1
- F5 big-ip_access_policy_manager 10.2.2
- F5 big-ip_access_policy_manager 11.0.0
- F5 big-ip_application_security_manager 10.0.0
- F5 big-ip_application_security_manager 10.0.1
- F5 big-ip_application_security_manager 10.1.0
- F5 big-ip_application_security_manager 10.2.0
- F5 big-ip_application_security_manager 10.2.1
- F5 big-ip_application_security_manager 10.2.2
- F5 big-ip_application_security_manager 11.0.0
- F5 big-ip_edge_gateway 10.1.0
- F5 big-ip_edge_gateway 10.2.0
- F5 big-ip_edge_gateway 10.2.1
- F5 big-ip_edge_gateway 10.2.2
- F5 big-ip_edge_gateway 11.0.0
- F5 big-ip_global_traffic_manager 10.0.0
- F5 big-ip_global_traffic_manager 10.0.1
- F5 big-ip_global_traffic_manager 10.1.0
- F5 big-ip_global_traffic_manager 10.2.0
- F5 big-ip_global_traffic_manager 10.2.1
- F5 big-ip_global_traffic_manager 10.2.2
- F5 big-ip_global_traffic_manager 11.0.0
- F5 big-ip_link_controller 10.0.0
- F5 big-ip_link_controller 10.0.1
- F5 big-ip_link_controller 10.1.0
- F5 big-ip_link_controller 10.2.0
- F5 big-ip_link_controller 10.2.1
- F5 big-ip_link_controller 10.2.2
- F5 big-ip_link_controller 11.0.0
- F5 big-ip_local_traffic_manager 10.0.0
- F5 big-ip_local_traffic_manager 10.0.1
- F5 big-ip_local_traffic_manager 10.1.0
- F5 big-ip_local_traffic_manager 10.2.0
- F5 big-ip_local_traffic_manager 10.2.1
- F5 big-ip_local_traffic_manager 10.2.2
- F5 big-ip_local_traffic_manager 11.0.0
- F5 big-ip_protocol_security_module 10.0.0
- F5 big-ip_protocol_security_module 10.0.1
- F5 big-ip_protocol_security_module 10.1.0
- F5 big-ip_protocol_security_module 10.2.0
- F5 big-ip_protocol_security_module 10.2.1
- F5 big-ip_protocol_security_module 10.2.2
- F5 big-ip_protocol_security_module 10.2.3
- F5 big-ip_protocol_security_module 10.2.4
- F5 big-ip_protocol_security_module 11.0.0
- F5 big-ip_protocol_security_module 11.1.0
- F5 big-ip_protocol_security_module 11.2.0
- F5 big-ip_protocol_security_module 11.2.1
- F5 big-ip_protocol_security_module 11.3.0
- F5 big-ip_protocol_security_module 11.4.0
- F5 big-ip_protocol_security_module 11.4.1
- F5 big-ip_protocol_security_module 9.4.5
- F5 big-ip_protocol_security_module 9.4.6
- F5 big-ip_protocol_security_module 9.4.7
- F5 big-ip_protocol_security_module 9.4.8
- F5 big-ip_wan_optimization_manager 10.0.0
- F5 big-ip_wan_optimization_manager 10.0.1
- F5 big-ip_wan_optimization_manager 10.1.0
- F5 big-ip_wan_optimization_manager 10.2.0
- F5 big-ip_wan_optimization_manager 10.2.1
- F5 big-ip_wan_optimization_manager 10.2.2
- F5 big-ip_wan_optimization_manager 11.0.0
- F5 big-ip_webaccelerator 10.0.0
- F5 big-ip_webaccelerator 10.0.1
- F5 big-ip_webaccelerator 10.1.0
- F5 big-ip_webaccelerator 10.2.0
- F5 big-ip_webaccelerator 10.2.1
- F5 big-ip_webaccelerator 10.2.2
- F5 big-ip_webaccelerator 10.2.3
- F5 big-ip_webaccelerator 10.2.4
- F5 big-ip_webaccelerator 11.0.0
- F5 big-ip_webaccelerator 11.1.0
- F5 big-ip_webaccelerator 11.2.0
- F5 big-ip_webaccelerator 11.2.1
- F5 big-ip_webaccelerator 11.3.0
- F5 big-ip_webaccelerator 9.4.0
- F5 big-ip_webaccelerator 9.4.1
- F5 big-ip_webaccelerator 9.4.2
- F5 big-ip_webaccelerator 9.4.3
- F5 big-ip_webaccelerator 9.4.4
- F5 big-ip_webaccelerator 9.4.5
- F5 big-ip_webaccelerator 9.4.6
- F5 big-ip_webaccelerator 9.4.7
- F5 big-ip_webaccelerator 9.4.8
References