Security Researcher Detected: You might have ended up here because your site vulnerability scanner found something interesting. Hi! I'm a security engineer and I'm having a good time interacting with the people and bots that are interested in information security.
You will hopefully find this site is well-secured and I'm not interested in being hacked. I'm interested in learning about how people try to hack me, though.
What is this endpoint?
mgmt/shared/authn/login
F5 BIG-IP
What an attacker could do
This F5 BIG-IP iControl REST authentication endpoint is the entry point for CVE-2022-1388 (auth bypass) and CVE-2021-22986 (unauthenticated RCE), letting an attacker create admin tokens and run root commands on the appliance.
How to defend it
Apply current BIG-IP engineering hotfixes, restrict the management/iControl REST interface to a dedicated management network, and follow F5's mitigation of blocking iControl REST over self-IP and the management port.
Connect with the Security Engineer
Learn More
Want to dive deeper into this topic? Check out the official documentation.
Read Official Documentation