CISA has discovered new vulnerability in vulnerability list15. May 2022
CISA has discovered new vulnerability in vulnerability list
San Francisco, 5/15/2022
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new vulnerability to its list of actively exploited vulnerabilities. The vulnerability in question is CVE-2022-1388.
F5 announced last week that critical flaw CVE-2022-1388 affects the BIG-IP iControl REST authentication component and allows attackers to execute commands.
F5’s customers using BIG-IP solutions include governments, Fortune 500 companies, banks, service providers and consumer brands such as Microsoft, Oracle and Facebook. The company claims that 48 of the Fortune 50 companies are F5 customers.
The U.S. Office of Cybersecurity is giving agencies until May 31, when the actively exploited CVE-2022-1388 vulnerability must be patched.