Loading
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Use CWE-306, F5 vendor hub and Big-Ip Access Policy Manager product page to widen CVE-2022-1388 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2025-61990, CVE-2025-58071 and CVE-2025-61960 for nearby disclosures in the same product family.