CVE-2022-23009 - AskarLabs CVE Database

CVE-2022-23009

Vendor N/A

Product BIG-IQ Centralized Management

Weakness CWE-863 · Incorrect authorization

Published January 25, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

On BIG-IQ Centralized Management 8.x before 8.1.0, an authenticated administrative role user on a BIG-IQ managed BIG-IP device can access other BIG-IP devices managed by the same BIG-IQ system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Key dates

02Disclosure timeline

January 25, 2022 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-23009 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/863.html

Related vulnerabilities

04Related CVE

CVE-2026-41189 FreeScout has assigned-only visibility bypass that allows editing hidden customer-authored threads CVE-2025-69414 CVE-2026-34532 Parse Server: Cloud function validator bypass via prototype chain traversal CVE-2023-47716 IBM FileNet Content Manager privilege escalation CVE-2026-28808 ScriptAlias CGI targets bypass directory auth in inets httpd (mod_auth vs mod_cgi path mismatch)