CVE-2022-1388

Vulnerability Profile Updated a month ago
CVE-2022-1388 is a critical vulnerability in the F5 BIG-IP iControl REST interface that allows an authentication bypass. This flaw in software design or implementation lets unauthorized users gain access to and control over the system without authenticating, posing a significant security threat. The vulnerability was among the most prominent detected, with a notable surge in daily detection counts over a 30-day period. It was one of the three major cybersecurity threats contributing to nearly 90% of known exploits. Although the primary vulnerability was found in Log4j (CVE-2021-44228), accounting for 44% of known exploits, CVE-2022-1388 and another vulnerability affecting VMware's Workspace One Access and Identity Manager (CVE-2022-22954) made up the rest of this high-risk trio. These vulnerabilities have been under active attack, with unpatched systems being the prime targets.

The exploitation of CVE-2022-1388 by BlackTech adds to its severity. BlackTech is a cyber espionage group known for its advanced persistent threats, making the exploitation of this vulnerability a significant concern for organizations using F5's BIG-IP products. It is essential for these organizations to apply patches promptly to mitigate the risks associated with this vulnerability.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Vulnerability
Exploit
exploited
Cloudflare
Exploits
Log4j
Associated Malware
No associations to display
Associated Threat Actors
| ID | Type | Votes | Profile Description |
| --- | --- | --- | --- |
| BlackTech | Unspecified | 1 | BlackTech, a threat actor linked to China, is known for its malicious activities aimed at gathering intelligence from technology and government organizations, particularly in the Asia-Pacific region. This group utilizes a malware family known as Waterbear, associated with cyberespionage activities. |
Associated Vulnerabilities
| ID | Type | Votes | Profile Description |
| --- | --- | --- | --- |
| CVE-2022-22954 | Unspecified | 2 | CVE-2022-22954 is a significant software vulnerability that affects VMware's Workspace One Access and Identity Manager. This flaw in the software design or implementation allows for remote code execution, providing an attacker with the ability to execute arbitrary commands on the affected system. Ov |
| Log4Shell | Unspecified | 2 | Log4Shell is a critical software vulnerability (CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105) in the logging feature of the Java programming language, known as Log4j. This flaw was publicly disclosed on December 9, 2021, impacting millions of devices and applications globally, including those |
| Proxyshell | Unspecified | 1 | ProxyShell is a chain of three vulnerabilities (tracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207) that affect Microsoft Exchange email servers. These vulnerabilities allow unauthenticated attackers to gain administrator access and execute remote code on unpatched servers. Discovered in |
| Follina | Unspecified | 1 | Follina, also known as CVE-2022-30190, is a notable software vulnerability that was discovered and exploited in the first half of 2022. This flaw, found in the Microsoft Windows Support Diagnostic Tool (MSDT), was weaponized by TA413, a cyber threat actor group with suspected ties to China. The grou |
| CVE-2022-22960 | Unspecified | 1 | None |
| CVE-2021-44228 | Unspecified | 1 | CVE-2021-44228, also known as Log4Shell, is a critical vulnerability in the Apache Log4j software library that has been widely exploited since its discovery. This flaw in software design or implementation allows for remote code execution, making it a prime target for malicious actors. Despite multip |
Source Document References
Information about the CVE-2022-1388 vulnerability was read from the document corpus below. This display is limited to 20 results.
Source (Created At): Title
- CISA (a year ago): Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors | CISA
- CERT-EU (5 months ago): Infographic: A History of Network Device Threats and What Lies Ahead | #ransomware | #cybercrime | National Cyber Security Consulting
- CERT-EU (7 months ago): BIG-IP Vulnerability Alert: Remote Code Execution Risk
- Malwarebytes (10 months ago): 2022's most routinely exploited vulnerabilities—history repeats
- CERT-EU (10 months ago): Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities
- BankInfoSecurity (10 months ago): Patching Conundrum: 5-Year Old Flaw Again Tops Most-Hit List
- CERT-EU (10 months ago): Unmasking the top exploited vulnerabilities of 2022 – GIXtools
- CERT-EU (8 months ago): CVE-2023-46747: Severe Flaw in Big-IP Causes Remote Code Execution
- CISA (a year ago): Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors | CISA
- BankInfoSecurity (10 months ago): Patching Conundrum: 4-Year Old Flaw Again Tops Most-Hit List
- MITRE (a year ago): Windows Commands Abused by Attackers - JPCERT/CC Eyes
- CERT-EU (4 months ago): Sensor Intel Series: Top CVEs in December 2023
- Securityaffairs (10 months ago): CISA, FBI, and NSA published the list of 12 most exploited vulnerabilities of 2022
- CERT-EU (8 months ago): F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution
- CERT-EU (a year ago): Sensor Intel Series: Top CVEs in February 2023 | F5 Labs
- Fortinet (a year ago): 2022 IoT Threat Review | FortiGuard Labs
- CERT-EU (a year ago): Sensor Intel Series: Top CVEs in April 2023 | F5 Labs
- DARKReading (a year ago): 3 Flaws, 1 War Dominated Cyber-Threat Landscape in 2022
- Fortinet (a year ago): Ransomware Roundup - Cl0p | FortiGuard Labs
- CERT-EU (10 months ago): Most exploited cyber vulnerabilities of 2022 revealed