### [CVE-2023-38419](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38419)
![](https://img.shields.io/static/v1?label=Product&message=BIG-IP&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=BIG-IQ&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=17.1.0%3C%2017.1.0.2%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-755%20Improper%20Handling%20of%20Exceptional%20Conditions&color=brighgreen)

### Description

An authenticated attacker with guest privileges or higher can cause the iControl SOAP process to terminate by sending undisclosed requests.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/DojoSecurity/DojoSecurity
- https://github.com/afine-com/research