virus logo Intrusion Prevention

F5.BIG-IP.iControl.SOAP.CGI.Process.Format.String

description-logoDescription

This indicates an attack attempt against a Memory Corruption vulnerability in F5 BIG-IP.
The vulnerability is due to an error when the vulnerable software attempts to handle maliciously crafted HTTP request. An authenticated attacker can exploit this by sending an crafted HTTP request to execute arbitrary code within the context of the target server or to result in denial of service conditions of the target server.

affected-products-logoAffected Products

F5 BIG-IP version 17.0.0
F5 BIG-IP version 16.1.2.2
F5 BIG-IP version 15.1.5.1
F5 BIG-IP version 14.1.4.6
F5 BIG-IP version 13.1.5

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://my.f5.com/manage/s/article/K000130415

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2024-05-29 28.795
Modified
 Name:F5.
BIG-IP.
iControlPortal.
Format.
String.
Memory.
Corruption:F5.
BIG-IP.
iControl.
SOAP.
CGI.
Process.
Format.
String
2023-05-09 23.549
Modified
 Default_action:pass:drop
2023-03-01 23.504
Modified
 Sig Added

References

https://my.f5.com/manage/s/article/K000130415
ID 52609
Created Feb 02, 2023
Updated May 28, 2024
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Exploit Prediction Score 3.28%
Default Action drop
Active
Affected OS Linux
Affected App Other
Profile Type Resource Management Errors