{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-16T08:40:18.905","vulnerabilities":[{"cve":{"id":"CVE-2022-31473","sourceIdentifier":"f5sirt@f5.com","published":"2022-08-04T18:15:09.630","lastModified":"2024-11-21T07:04:31.587","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In BIG-IP Versions 16.1.x before 16.1.1 and 15.1.x before 15.1.4, when running in Appliance mode, an authenticated attacker may be able to bypass Appliance mode restrictions due to a directory traversal vulnerability in an undisclosed page within iApps. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."},{"lang":"es","value":"En BIG-IP versiones 16.1.x anteriores a 16.1.1 y 15.1.x anteriores a 15.1.4, cuando es ejecutado en modo Appliance, un atacante autenticado puede ser capaz de omitir las restricciones del modo Appliance debido a una vulnerabilidad de salto de directorio en una página no revelada dentro de iApps. Una explotación con éxito puede permitir al atacante cruzar un límite de seguridad. Nota: Las versiones de software que han alcanzado el Fin del Soporte Técnico (EoTS) no son evaluadas"}],"metrics":{"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.4","matchCriteriaId":"0328FE23-1C06-406A-8642-949756256D2A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.0:*:*:*:*:*:*:*","matchCriteriaId":"EF96CE38-E834-475C-92AD-97D904D8F831"}]}]}],"references":[{"url":"https://support.f5.com/csp/article/K34893234","source":"f5sirt@f5.com","tags":["Vendor Advisory"]},{"url":"https://support.f5.com/csp/article/K34893234","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}