F5 Security Advisory - iControl REST Vulnerabilities affecting F5 Products



On November 16, 2022, F5 announced several security vulnerabilities affecting BIG-IP and BIG-IQ iControl REST.  The security advisory can be found here:

The purpose of this article is to provide information as to the exposure of Silverline infrastructure and Silverline customer environments to these vulnerabilities.


Expected Impact

No impact is expected on Silverline infrastructure or Silverline customer environments

The disclosed vulnerabilities affect iControl REST, a REST API provided in F5 BIG-IP and BIG-IQ.  It is used exclusively in the management plane.  A threat actor would require access to a management interface on an affected system in order to exploit any of these vulnerabilities.  The Silverline network infrastructure includes robust security controls preventing access to management networks from the public internet.


In case of any questions we recommend to check the security advisories on AskF5 to assess exposure to these vulnerabilities and get details on recommended mitigations

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request