cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-25946,https://securityvulnerability.io/vulnerability/CVE-2022-25946,Integrity Check Bypass in F5 BIG-IP Products,"In certain versions of F5 BIG-IP Advanced WAF, ASM, and Guided Configuration, an authenticated attacker with Administrator privileges may exploit a missing integrity check in Appliance mode to bypass critical restrictions. This vulnerability presents a significant concern for organizations relying on these F5 products for secure web application functionality.",F5,"Big-ip (advanced Waf, Apm, Asm),Big-ip Guided Configuration (gc)",8.7,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2022-05-05T17:15:00.000Z,0
CVE-2022-27806,https://securityvulnerability.io/vulnerability/CVE-2022-27806,Command Injection Vulnerability in F5 BIG-IP Products by F5 Networks,"An authenticated attacker with the Administrator role can exploit command injection vulnerabilities in undisclosed URIs within F5 BIG-IP Guided Configuration. This exploitation allows for the bypassing of Appliance mode restrictions in affected versions of F5 BIG-IP Advanced WAF and ASM, potentially compromising the security of the system.",F5,"Big-ip (advanced Waf, Apm, Asm),Big-ip Guided Configuration (gc)",8.7,HIGH,0.0012700000079348683,false,,false,false,false,,,false,false,,2022-05-05T17:15:00.000Z,0
CVE-2022-29491,https://securityvulnerability.io/vulnerability/CVE-2022-29491,Denial of Service Vulnerability in F5 BIG-IP Components,"The vulnerability exists in F5 BIG-IP components configured with HTTP or TCP on one side and DTLS on the other, where certain undisclosed requests can lead to unexpected TMM process termination. This situation may result in service disruptions, affecting the overall availability of services running on affected F5 BIG-IP installations. Versions 16.1.x, 15.1.x, 14.1.x, and legacy versions are impacted, necessitating prompt attention to mitigate potential risks.",F5,"Big-ip Ltm, Advanced Waf, Asm, And Apm",7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2022-05-05T17:15:00.000Z,0
CVE-2022-26890,https://securityvulnerability.io/vulnerability/CVE-2022-26890,Session Awareness Vulnerability in F5 BIG-IP Web Application Security,"A vulnerability exists in F5 BIG-IP versions of Advanced WAF, ASM, and APM that can lead to the termination of the bd process. This occurs when these components are configured on a virtual server, and the ASM policy has Session Awareness enabled with the 'Use APM Username and Session ID' option. Undisclosed requests can exploit this configuration, potentially leading to service disruptions. It’s critical to monitor and address affected versions to maintain security and system stability.",F5,"Big-ip Advanced Waf, Asm, And Apm",7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2022-05-05T17:15:00.000Z,0