CISA has discovered new vulnerability in vulnerability list

CISA has discovered new vulnerability in vulnerability list

15. Mai 2022 0 Von Horst Buchwald

CISA has discovered new vulnerability in vulnerability list

San Francisco, 5/15/2022

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new vulnerability to its list of actively exploited vulnerabilities. The vulnerability in question is CVE-2022-1388.

F5 announced last week that critical flaw CVE-2022-1388 affects the BIG-IP iControl REST authentication component and allows attackers to execute commands.

F5’s customers using BIG-IP solutions include governments, Fortune 500 companies, banks, service providers and consumer brands such as Microsoft, Oracle and Facebook. The company claims that 48 of the Fortune 50 companies are F5 customers.

The U.S. Office of Cybersecurity is giving agencies until May 31, when the actively exploited CVE-2022-1388 vulnerability must be patched.