1. Home
  2. CVE Database
  3. CVE-2022-27659
MEDIUM · 4.3

CVE-2022-27659

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1.x versions prior to 14.1.4.6, an authenticated attacker can modify or delete Dashboards created by other BIG...

Vulnerability Description

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1.x versions prior to 14.1.4.6, an authenticated attacker can modify or delete Dashboards created by other BIG-IP users in the Traffic Management User Interface (TMUI). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

CVSS Score

4.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
LOW
Availability
NONE

Affected Products

VendorProductVersions
F5Big-Ip Access Policy Manager14.1.0
F5Big-Ip Advanced Firewall Manager14.1.0
F5Big-Ip Analytics14.1.0
F5Big-Ip Application Acceleration Manager14.1.0
F5Big-Ip Application Security Manager14.1.0
F5Big-Ip Domain Name System14.1.0
F5Big-Ip Fraud Protection Service14.1.0
F5Big-Ip Global Traffic Manager14.1.0
F5Big-Ip Link Controller14.1.0
F5Big-Ip Local Traffic Manager14.1.0
F5Big-Ip Policy Enforcement Manager14.1.0

Related Weaknesses (CWE)

CWE-269

References

FAQ

What is CVE-2022-27659?

CVE-2022-27659 is a vulnerability with a CVSS score of 4.3 (MEDIUM). On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1.x versions prior to 14.1.4.6, an authenticated attacker can modify or delete Dashboards created by other BIG...

How severe is CVE-2022-27659?

CVE-2022-27659 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-27659?

Check the references section above for vendor advisories and patch information. Affected products include: F5 Big-Ip Access Policy Manager, F5 Big-Ip Advanced Firewall Manager, F5 Big-Ip Analytics, F5 Big-Ip Application Acceleration Manager, F5 Big-Ip Application Security Manager.