F5 has warned of a high-severity flaw impacting BIG-IP appliances that could lead to denial-of-service (DoS) or arbitrary code execution.
The issue is rooted in the iControl Simple Object Access Protocol (SOAP) interface and affects the following versions of BIG-IP – 13.1.5
14.1.4.6 – 14.1.5
15.1.5.1 – 15.1.8
16.1.2.2 – 16.1.3, and
17.0.0 “A format string vulnerability exists in iControl SOAP