CVE-2022-23013 A DOM-based XSS vulnerability exists in the BIG-IP Configuration utility of version 16.x before 16.1.0, 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, and 13.1.x, 12.1.x, and 11.6.x.

An attacker can exploit this vulnerability by enticing a user to visit a malicious website, whose content is then reflected in the BIG-IP Configuration utility. An exploit may occur via any of the following methods:

By persuading a user to visit a malicious website.

By tricking a user into performing a malicious action via social engineering.

By exploiting a vulnerability such as those listed in the Vulnerability section of this advisory.

Gaining access to the BIG-IP Configuration utility may allow an attacker to carry out one of the following actions:

Viewing the current configuration of a BIG-IP system.

Modifying certain system settings.

Modifying the server and client connections of a BIG-IP system.
The vulnerability cannot be concealed. However, users are encouraged to consider the following recommendations to help mitigate it:

Avoid opening links from email messages or social media posts.

Consider using a web filter or smart filter to limit access to the Configuration utility.

Ensure that browser settings are up to date, and that users are using the most recent version of their preferred browser.

Regularly review the network configurations of all devices that connect to the BIG-IP system.

Note: A partial workaround is to disable JavaScript in the browser used to access the Configuration utility. Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Vulnerability Scenario

If you are using the BIG-IP Configuration utility, an attacker can exploit this vulnerability by enticing a user to visit a malicious website. An exploit may occur via any of the following methods:

By persuading a user to visit a malicious website.

By tricking a user into performing a malicious action via social engineering.

By exploiting a vulnerability such as those listed in the Vulnerability section of this advisory.

If you are using browser settings that block JavaScript, then the vulnerability is not exploitable. However, users are encouraged to consider the following recommendations to help mitigate the vulnerability:

Avoid opening links from email messages or social media posts.

Consider using a web filter or smart filter to limit access to the Configuration utility.
