CVE-2022-41800EPSS p99.1%

CVE-2022-41800CVE-2022-41800

f5 / big-ip_access_policy_manager

Description

In all versions of BIG-IP, when running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Scoring

CVSS 8.7 ()
VectorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
EPSS62.41% probability of exploitation · percentile 99.1% · 2026-06-18T12:00:27Z
Last modified2026-06-17
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.