Vulnerability-Lookup

CVE-2022-28859 (GCVE-0-2022-28859)

Vulnerability from cvelistv5 – Published: 2022-05-05 16:42 – Updated: 2024-09-16 22:10

Summary

On F5 BIG-IP 15.1.x versions prior to 15.1.5.1 and 14.1.x versions prior to 14.1.4.6, when installing Net HSM, the scripts (nethsm-safenet-install.sh and nethsm-thales-install.sh) expose the Net HSM partition password. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-532 - Insertion of Sensitive Information into Log File

Assigner

References

URL

	Vendor	Product	Version
	F5	BIG-IP	Unaffected: 13.1.x Unaffected: 12.1.x Unaffected: 11.6.x Unaffected: 17.0.0 , < 17.0.x* (custom) Unaffected: 16.1.0 , < 16.1.x* (custom) Affected: 15.1.x , < 15.1.5.1 (custom) Affected: 14.1.x , < 14.1.4.6 (custom)

CERTFR-2022-AVI-419

Vulnerability from certfr_avis - Published: 2022-05-05 - Updated: 2022-05-05

De multiples vulnérabilités ont été découvertes dans les produits F5. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

F5 BIG-IP (tous modules) versions 17.x antérieures à 17.0.0
F5 BIG-IP (tous modules) versions 16.x antérieures à 16.1.2.2
F5 BIG-IP (tous modules) versions 15.x antérieures à 15.1.5.1
F5 BIG-IP (tous modules) versions antérieures à 14.1.4.6
NGINX App Protect versions antérieures à 3.7.0

Concernant la vulnérabilité critique, immatriculée CVE-2022-1388, l'éditeur propose un correctif de sécurité pour les produits F5 BIG-IP en versions 13.x. Cependant il est très fortement recommandé pour toutes les versions 11.x, 12.x et 13.x de migrer au moins vers la version 14.1.4.6 afin de pouvoir bénéficier de l'intégralité des correctifs de sécurité.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

CNVD-2022-79948

Vulnerability from cnvd - Published: 2022-11-23

Title

F5 BIG-IP日志信息泄露漏洞

Description

F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。 F5 BIG-IP存在日志信息泄露漏洞，攻击者可利用该漏洞通过访问受密码保护的通常无法访问的分区来使用或删除私钥。

Severity

中

Patch Name

F5 BIG-IP日志信息泄露漏洞的补丁

Patch Description

F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。 F5 BIG-IP存在日志信息泄露漏洞，攻击者可利用该漏洞通过访问受密码保护的通常无法访问的分区来使用或删除私钥。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://support.f5.com/csp/article/K47662005

Reference

https://support.f5.com/csp/article/K47662005

Impacted products

Name
['F5 BIG-IP (all modules) >=14.1.0，<=14.1.4', 'F5 BIG-IP (all modules) >=15.1.0，<=15.1.5', 'F5 BIG-IP (all modules) >=16.0.0，<=16.0.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-28859",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-28859"
    }
  },
  "description": "F5 BIG-IP\u662f\u7f8e\u56fdF5\u516c\u53f8\u7684\u4e00\u6b3e\u96c6\u6210\u4e86\u7f51\u7edc\u6d41\u91cf\u7ba1\u7406\u3001\u5e94\u7528\u7a0b\u5e8f\u5b89\u5168\u7ba1\u7406\u3001\u8d1f\u8f7d\u5747\u8861\u7b49\u529f\u80fd\u7684\u5e94\u7528\u4ea4\u4ed8\u5e73\u53f0\u3002\n\nF5 BIG-IP\u5b58\u5728\u65e5\u5fd7\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u8bbf\u95ee\u53d7\u5bc6\u7801\u4fdd\u62a4\u7684\u901a\u5e38\u65e0\u6cd5\u8bbf\u95ee\u7684\u5206\u533a\u6765\u4f7f\u7528\u6216\u5220\u9664\u79c1\u94a5\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://support.f5.com/csp/article/K47662005",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-79948",
  "openTime": "2022-11-23",
  "patchDescription": "F5 BIG-IP\u662f\u7f8e\u56fdF5\u516c\u53f8\u7684\u4e00\u6b3e\u96c6\u6210\u4e86\u7f51\u7edc\u6d41\u91cf\u7ba1\u7406\u3001\u5e94\u7528\u7a0b\u5e8f\u5b89\u5168\u7ba1\u7406\u3001\u8d1f\u8f7d\u5747\u8861\u7b49\u529f\u80fd\u7684\u5e94\u7528\u4ea4\u4ed8\u5e73\u53f0\u3002\r\n\r\nF5 BIG-IP\u5b58\u5728\u65e5\u5fd7\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u8bbf\u95ee\u53d7\u5bc6\u7801\u4fdd\u62a4\u7684\u901a\u5e38\u65e0\u6cd5\u8bbf\u95ee\u7684\u5206\u533a\u6765\u4f7f\u7528\u6216\u5220\u9664\u79c1\u94a5\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "F5 BIG-IP\u65e5\u5fd7\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "F5 BIG-IP (all modules) \u003e=14.1.0\uff0c\u003c=14.1.4",
      "F5 BIG-IP (all modules) \u003e=15.1.0\uff0c\u003c=15.1.5",
      "F5 BIG-IP (all modules) \u003e=16.0.0\uff0c\u003c=16.0.1"
    ]
  },
  "referenceLink": "https://support.f5.com/csp/article/K47662005",
  "serverity": "\u4e2d",
  "submitTime": "2022-05-07",
  "title": "F5 BIG-IP\u65e5\u5fd7\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

FKIE_CVE-2022-28859

Vulnerability from fkie_nvd - Published: 2022-05-05 17:15 - Updated: 2024-11-21 06:58

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

References

	URL	Tags
	f5sirt@f5.com	https://support.f5.com/csp/article/K47662005	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K47662005	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_access_policy_manager	14.1.0
f5	big-ip_access_policy_manager	14.1.2
f5	big-ip_access_policy_manager	14.1.3
f5	big-ip_access_policy_manager	14.1.4
f5	big-ip_access_policy_manager	15.1.0
f5	big-ip_access_policy_manager	15.1.1
f5	big-ip_access_policy_manager	15.1.2
f5	big-ip_access_policy_manager	15.1.3
f5	big-ip_access_policy_manager	15.1.4
f5	big-ip_access_policy_manager	15.1.5
f5	big-ip_access_policy_manager	16.1.0
f5	big-ip_access_policy_manager	16.1.1
f5	big-ip_access_policy_manager	16.1.2
f5	big-ip_advanced_firewall_manager	14.1.0
f5	big-ip_advanced_firewall_manager	14.1.2
f5	big-ip_advanced_firewall_manager	14.1.3
f5	big-ip_advanced_firewall_manager	14.1.4
f5	big-ip_advanced_firewall_manager	15.1.0
f5	big-ip_advanced_firewall_manager	15.1.1
f5	big-ip_advanced_firewall_manager	15.1.2
f5	big-ip_advanced_firewall_manager	15.1.3
f5	big-ip_advanced_firewall_manager	15.1.4
f5	big-ip_advanced_firewall_manager	15.1.5
f5	big-ip_advanced_firewall_manager	16.1.0
f5	big-ip_advanced_firewall_manager	16.1.1
f5	big-ip_advanced_firewall_manager	16.1.2
f5	big-ip_analytics	14.1.0
f5	big-ip_analytics	14.1.2
f5	big-ip_analytics	14.1.3
f5	big-ip_analytics	14.1.4
f5	big-ip_analytics	15.1.0
f5	big-ip_analytics	15.1.1
f5	big-ip_analytics	15.1.2
f5	big-ip_analytics	15.1.3
f5	big-ip_analytics	15.1.4
f5	big-ip_analytics	15.1.5
f5	big-ip_analytics	16.1.0
f5	big-ip_analytics	16.1.1
f5	big-ip_analytics	16.1.2
f5	big-ip_application_acceleration_manager	14.1.0
f5	big-ip_application_acceleration_manager	14.1.2
f5	big-ip_application_acceleration_manager	14.1.3
f5	big-ip_application_acceleration_manager	14.1.4
f5	big-ip_application_acceleration_manager	15.1.0
f5	big-ip_application_acceleration_manager	15.1.1
f5	big-ip_application_acceleration_manager	15.1.2
f5	big-ip_application_acceleration_manager	15.1.3
f5	big-ip_application_acceleration_manager	15.1.4
f5	big-ip_application_acceleration_manager	15.1.5
f5	big-ip_application_acceleration_manager	16.1.0
f5	big-ip_application_acceleration_manager	16.1.1
f5	big-ip_application_acceleration_manager	16.1.2
f5	big-ip_application_security_manager	14.1.0
f5	big-ip_application_security_manager	14.1.2
f5	big-ip_application_security_manager	14.1.3
f5	big-ip_application_security_manager	14.1.4
f5	big-ip_application_security_manager	15.1.0
f5	big-ip_application_security_manager	15.1.1
f5	big-ip_application_security_manager	15.1.2
f5	big-ip_application_security_manager	15.1.3
f5	big-ip_application_security_manager	15.1.4
f5	big-ip_application_security_manager	15.1.5
f5	big-ip_application_security_manager	16.1.0
f5	big-ip_application_security_manager	16.1.1
f5	big-ip_application_security_manager	16.1.2
f5	big-ip_domain_name_system	14.1.0
f5	big-ip_domain_name_system	14.1.2
f5	big-ip_domain_name_system	14.1.3
f5	big-ip_domain_name_system	14.1.4
f5	big-ip_domain_name_system	15.1.0
f5	big-ip_domain_name_system	15.1.1
f5	big-ip_domain_name_system	15.1.2
f5	big-ip_domain_name_system	15.1.3
f5	big-ip_domain_name_system	15.1.4
f5	big-ip_domain_name_system	15.1.5
f5	big-ip_domain_name_system	16.1.0
f5	big-ip_domain_name_system	16.1.1
f5	big-ip_domain_name_system	16.1.2
f5	big-ip_fraud_protection_service	14.1.0
f5	big-ip_fraud_protection_service	14.1.2
f5	big-ip_fraud_protection_service	14.1.3
f5	big-ip_fraud_protection_service	14.1.4
f5	big-ip_fraud_protection_service	15.1.0
f5	big-ip_fraud_protection_service	15.1.1
f5	big-ip_fraud_protection_service	15.1.2
f5	big-ip_fraud_protection_service	15.1.3
f5	big-ip_fraud_protection_service	15.1.4
f5	big-ip_fraud_protection_service	15.1.5
f5	big-ip_fraud_protection_service	16.1.0
f5	big-ip_fraud_protection_service	16.1.1
f5	big-ip_fraud_protection_service	16.1.2
f5	big-ip_global_traffic_manager	14.1.0
f5	big-ip_global_traffic_manager	14.1.2
f5	big-ip_global_traffic_manager	14.1.3
f5	big-ip_global_traffic_manager	14.1.4
f5	big-ip_global_traffic_manager	15.1.0
f5	big-ip_global_traffic_manager	15.1.1
f5	big-ip_global_traffic_manager	15.1.2
f5	big-ip_global_traffic_manager	15.1.3
f5	big-ip_global_traffic_manager	15.1.4
f5	big-ip_global_traffic_manager	15.1.5
f5	big-ip_global_traffic_manager	16.1.0
f5	big-ip_global_traffic_manager	16.1.1
f5	big-ip_global_traffic_manager	16.1.2
f5	big-ip_link_controller	14.1.0
f5	big-ip_link_controller	14.1.2
f5	big-ip_link_controller	14.1.3
f5	big-ip_link_controller	14.1.4
f5	big-ip_link_controller	15.1.0
f5	big-ip_link_controller	15.1.1
f5	big-ip_link_controller	15.1.2
f5	big-ip_link_controller	15.1.3
f5	big-ip_link_controller	15.1.4
f5	big-ip_link_controller	15.1.5
f5	big-ip_link_controller	16.1.0
f5	big-ip_link_controller	16.1.1
f5	big-ip_link_controller	16.1.2
f5	big-ip_local_traffic_manager	14.1.0
f5	big-ip_local_traffic_manager	14.1.2
f5	big-ip_local_traffic_manager	14.1.3
f5	big-ip_local_traffic_manager	14.1.4
f5	big-ip_local_traffic_manager	15.1.0
f5	big-ip_local_traffic_manager	15.1.1
f5	big-ip_local_traffic_manager	15.1.2
f5	big-ip_local_traffic_manager	15.1.3
f5	big-ip_local_traffic_manager	15.1.4
f5	big-ip_local_traffic_manager	15.1.5
f5	big-ip_local_traffic_manager	16.1.0
f5	big-ip_local_traffic_manager	16.1.1
f5	big-ip_local_traffic_manager	16.1.2
f5	big-ip_policy_enforcement_manager	14.1.0
f5	big-ip_policy_enforcement_manager	14.1.2
f5	big-ip_policy_enforcement_manager	14.1.3
f5	big-ip_policy_enforcement_manager	14.1.4
f5	big-ip_policy_enforcement_manager	15.1.0
f5	big-ip_policy_enforcement_manager	15.1.1
f5	big-ip_policy_enforcement_manager	15.1.2
f5	big-ip_policy_enforcement_manager	15.1.3
f5	big-ip_policy_enforcement_manager	15.1.4
f5	big-ip_policy_enforcement_manager	15.1.5
f5	big-ip_policy_enforcement_manager	16.1.0
f5	big-ip_policy_enforcement_manager	16.1.1
f5	big-ip_policy_enforcement_manager	16.1.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "25DAD24A-2D43-498E-BC43-183B669EA1FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25A33B9-2485-4D80-8F49-9B4688A39345",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D3E81E7-3E6A-46AD-827D-14046D93144E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9416AE8-7C48-4986-99E8-5F313715B6B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCA6CE41-1D13-4A7A-94D8-C0D5740870A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "29041413-B405-42A6-B9E9-A3E7C3AC1CB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F0C4673-2F1D-45B6-BC18-83EF68BA3601",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0148360C-1167-4FF9-B231-3D53890BD932",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "214D3CD8-6A1A-4119-B107-0363D34B3458",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CA06267-4A87-4249-8A08-5A78BDCEE884",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF96CE38-E834-475C-92AD-97D904D8F831",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "702ACADF-C7FF-43C9-89A9-5F464718F800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7E9747B-6167-4E8B-AF48-AA55C900C872",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4BFA5B4-AFC0-4E4C-A4E7-ED7BFDC3411F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "987AEEE0-9301-4F36-BB52-9C260741522F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "51A3D5FE-1B2D-44F3-83DF-BBB3DFBA2DBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "189D37B0-49A3-4369-8F85-325355BE5B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "71B7081C-A869-402A-9C58-219B3225DB70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA89EA2D-9053-4B84-AE93-208F7640750B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "153BBF00-C7A3-4654-A4F4-2F3DD54A5814",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BCA2C3F-7E1E-48EA-92CF-1AF5274F5012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "950A7D6C-DCA1-4B8E-B3C2-15F1845FF0D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5788C636-64A1-4A9A-BB1A-EBC4ED80C59E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:16.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "48F2498F-8691-4325-8B3D-E56A5CE3F3D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF19BEB3-1624-433C-9C6C-BE71752A5FCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "85E54209-6418-4ECE-91EE-A36D82E4AFD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:14.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3F5F2BF-708F-40F6-9BD0-4779DE9A1785",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:14.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC9FA335-23DF-4206-853A-934B41A20525",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:14.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEE1D83B-7E70-4AF0-85BF-530FD1F66825",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:14.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "41D3317C-4A3C-48D2-A56F-7D50E2CE7759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "08E29063-889A-4499-AEAC-D79165EA34A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6550AF19-D3CD-4FD2-AABD-EF02579D0862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:15.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "670D14AF-EF88-4F82-B295-30BE34745808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:15.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BA899CE-26F3-42C5-8AF5-ABD2E3E01CB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:15.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "61795EB4-7DFF-4168-B1C3-375DA353C678",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:15.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8D10D74-5C97-44DE-B667-3011BBA585F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:16.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2E0BDAB-9EB9-43FB-B49C-CC8440CAF1AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "59742F26-53D5-49A7-B456-71FD322EFD97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7DCF9E7-F55B-4448-A35A-42C26BA7123E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FF4312-2711-4526-B604-796E637139E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF145312-4BF7-4BD1-853C-4A3F6FDF2311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B878A1C5-0FA9-46A6-93D3-9A15652CD2B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4E94B20-41C4-4441-A208-B44F1AFE79C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C32BB88-ECE9-49C1-B75D-D47A17399C10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF25F766-7DF2-4BBB-881C-6C43C801126A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EB1E835-DDA7-4D3A-B92A-DF88CE9509F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9094D9E8-4B45-4714-9626-5866B17B0ADA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "967FD30D-8806-4C8A-BBCD-2C84FCA42BD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D619D58E-D8A8-423C-BB46-EBEDCD887D92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:16.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "530F58C3-EED0-4641-B71D-8F27006EBAD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "88C68A60-A500-45BA-AE56-C7B2F3122691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF7EAF3C-66C8-43D2-B276-77D56CA6E63B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "907FEE11-DF3B-4BE7-9BAE-5F6BE20E469D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "49C435C8-DA39-41AF-9E42-AE50C96F9C66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "817F7B3C-1CAC-4BD3-BD1A-C271C9516701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B89FE04-D25D-4FF0-9421-B8BED0F77997",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "14612AC5-945C-4402-AFF0-5FCE11B7C785",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A03DD77-08C8-482F-8F79-48396ED0BF1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "219F951F-C59B-4844-8558-6D07D067DF7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE8FA530-5502-4FE1-A234-5E313D71B931",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6578F36C-12EF-49E4-9012-2ECCE8770A92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "00141CBE-3AF5-40C3-B9D6-E9E61CFABECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "56FC4AD6-EC04-4BC0-8B13-6AE9805AA8F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1BC7E64-0621-487A-A612-C82CC040FD90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "46203B9C-8815-44FC-809B-A24F988CC5AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C529A4BA-F1B7-4297-A9CC-2FF0EB2CB5AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "106CE093-FAED-499F-961B-11484D4A1508",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0092DB5-0E5B-44DE-8299-B8AFDD18526C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2ED3051-5100-4214-B212-C039F1CCCC3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "74DEDC05-82FC-4AD5-9DDD-D0D68DA9E26D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4CDFC55-EE03-4A97-B122-1F459562B074",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AED85D4E-09B0-4A5F-9630-561731543064",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BADF2CC-1D6F-4711-ADD1-02AE987079FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "86B5BB56-DFB0-4859-9980-A72D69C0747B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7851945-44BC-4B08-8156-EFC08793DC90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:16.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6943EFA5-D2C4-4255-B175-6F876A06DE81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "579581AF-464E-47E2-9345-1B29B8846346",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDE33ED3-2629-456A-AC7E-62255D6E5FCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1013320D-D0EE-461E-AF90-049F82AC910E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91918377-CD4C-40B6-A167-4F596EA9D2B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA222867-59E6-4C3E-8F4D-003D51D93BA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E83A8D13-E491-4CEA-8761-9C6B39CCD402",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E634D59-2B6D-49B8-A7BD-E2962CD2B455",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "382A68A9-76FE-4FCC-86A8-A96D9EBB5C8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DC0FF34-57F5-4454-9EDB-755F60EDC89B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "68E110D5-07A4-4D45-B623-D0A8894A0E39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9784D592-2275-4B76-BABC-A68C5C995C36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "93E7270E-62BF-4974-8ACD-D9E0A6AA77D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:16.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D211D419-03FA-4E64-9551-D19B73634E45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E50E357C-95EC-4278-BB26-8BC94B92CC70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "46C7A912-01EE-4301-84A0-465F97C8F30B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BF46DCE-2603-4E61-87B8-352FF4111567",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B6989D6-DCB0-47C4-9884-3C7B9BB39652",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "35F63FB6-FD94-409A-A00B-7D73C6A35974",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "108A4319-E52F-4DFD-A5E2-7F0623FE0B2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5756EA61-D0E4-4AC1-882D-71EE4BB6CEB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ADBB0BD-F67B-43AD-AC6C-4B5EEF37BFF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "427986E1-F438-42A5-AE19-D70C76C35DE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCFCE08F-8FEC-478A-8620-BACE3F78BC75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E44E67B9-2A93-49AD-A8D8-A670D9F6DD0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEEEB4CB-ADED-46F9-85F8-5B8319811B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:16.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "75641260-5656-4717-9912-FB3AF67DEC77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D373DB4-A175-4196-AC1D-AD2F8845DE53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE43C4B8-77B8-4AC0-BD92-33E19A7FD87D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:14.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "71666E6B-8615-4D7B-9A7B-2F6D048FE086",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:14.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4841BDDC-DBDB-48C1-B841-DF3477A8A27C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:14.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "371D42CC-39CB-4F17-AF8F-195BC58F415D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:14.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C9A1D5B-D2A6-4AEE-989F-18C607FA51A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E847B072-2E86-416D-9D39-FD796770A0B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C55AD7A-B63D-4DCD-8222-28CBC64900C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "282D7673-A22C-4CCB-8476-0ACE0AEE4A90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB3DF801-A0D8-43EE-92D6-8F0010CF1B76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "41122A97-81A2-4C3C-97F6-A89AA246503A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7AE56D9-DDA5-4F8C-8F37-3C1090A95349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:16.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "79C95A86-994C-4F7C-A2E8-A688EE8E8286",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "35E73A7E-5AFD-4E8F-97E9-3D3955B38CFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "588E8731-0160-4664-8BC4-45F7F55B58F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A724B2F3-E3FA-456F-9581-0213358B654C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6CE564-D51A-4ACE-8A09-CE65D1713EB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C231E06C-1121-49BD-B5FB-CB45A4D10810",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D001D61-CC58-4FFF-9B1B-44046DB5FAD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "461C4C1D-B0F9-44EF-A535-BCE9FE501A94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC35855-E381-49ED-B929-1B2F1E107615",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E2359AD-205D-49B8-821D-5569F63F91FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "56846B46-E0FC-4921-BE96-368F7CB2FB15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D8FCEF-C962-404B-8663-D11C277F9839",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C07A0B7-25D3-4599-9047-8FF889AD0A23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E2B279F-8EE5-44FD-9EFE-48C652289CF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "69C053C3-AFD9-4A24-83A8-08F8D5614ACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "994D457F-259C-460E-A3E1-CB2F737A2181",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BDE4D90-5AE4-4183-997E-188FF17D497E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "05C36C95-6191-4C6F-978A-1303E4D75126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4ABEFBF8-9888-4B1D-9912-97C501AFC895",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "98A1FBEB-A427-43A8-B2AB-2E331585D512",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1C2B883-EA96-4B51-865B-B1DE1561096C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C091449-089A-417E-B77C-A4EE1FB86597",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB05CC1-69F8-4959-8666-D106C0D27826",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6EB971F-907D-49C8-8B59-EA3895394A21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6F3E3A8-0AB8-4F89-961B-AE4BFDE979D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "65AC40D8-1554-4BB6-BD8A-055137A79E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:16.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7FB3D02-E919-4F91-8FF6-32E78593C014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E26FB91C-AF0E-4996-8F52-FE4348152BC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "658A1401-D4C0-47C0-B932-FB46E04697C4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "On F5 BIG-IP 15.1.x versions prior to 15.1.5.1 and 14.1.x versions prior to 14.1.4.6, when installing Net HSM, the scripts (nethsm-safenet-install.sh and nethsm-thales-install.sh) expose the Net HSM partition password. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
    },
    {
      "lang": "es",
      "value": "En F5 BIG-IP versiones 15.1.x anteriores a 15.1.5.1 y en las versiones 14.1.x anteriores a 14.1.4.6, cuando es instalado Net HSM, los scripts (nethsm-safenet-install.sh y nethsm-thales-install.sh) exponen la contrase\u00f1a de la partici\u00f3n de Net HSM. Nota: Las versiones de software que han alcanzado el Fin del Soporte T\u00e9cnico (EoTS) no son evaluadas"
    }
  ],
  "id": "CVE-2022-28859",
  "lastModified": "2024-11-21T06:58:04.560",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "f5sirt@f5.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-05T17:15:14.843",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K47662005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K47662005"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-532"
        }
      ],
      "source": "f5sirt@f5.com",
      "type": "Secondary"
    }
  ]
}

GSD-2022-28859

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-28859

Aliases

CVE-2022-28859

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-28859",
    "description": "On F5 BIG-IP 15.1.x versions prior to 15.1.5.1 and 14.1.x versions prior to 14.1.4.6, when installing Net HSM, the scripts (nethsm-safenet-install.sh and nethsm-thales-install.sh) expose the Net HSM partition password. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated",
    "id": "GSD-2022-28859"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-28859"
      ],
      "details": "On F5 BIG-IP 15.1.x versions prior to 15.1.5.1 and 14.1.x versions prior to 14.1.4.6, when installing Net HSM, the scripts (nethsm-safenet-install.sh and nethsm-thales-install.sh) expose the Net HSM partition password. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated",
      "id": "GSD-2022-28859",
      "modified": "2023-12-13T01:19:34.384855Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "f5sirt@f5.com",
        "DATE_PUBLIC": "2022-05-04T14:00:00.000Z",
        "ID": "CVE-2022-28859",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "BIG-IP",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "!\u003e=",
                          "version_name": "17.0.x",
                          "version_value": "17.0.0"
                        },
                        {
                          "version_affected": "!\u003e=",
                          "version_name": "16.1.x",
                          "version_value": "16.1.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "15.1.x",
                          "version_value": "15.1.5.1"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "14.1.x",
                          "version_value": "14.1.4.6"
                        },
                        {
                          "version_affected": "!",
                          "version_name": "13.1.x",
                          "version_value": "13.1.x"
                        },
                        {
                          "version_affected": "!",
                          "version_name": "12.1.x",
                          "version_value": "12.1.x"
                        },
                        {
                          "version_affected": "!",
                          "version_name": "11.6.x",
                          "version_value": "11.6.x"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "F5"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "On F5 BIG-IP 15.1.x versions prior to 15.1.5.1 and 14.1.x versions prior to 14.1.4.6, when installing Net HSM, the scripts (nethsm-safenet-install.sh and nethsm-thales-install.sh) expose the Net HSM partition password. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-532 Insertion of Sensitive Information into Log File"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://support.f5.com/csp/article/K47662005",
            "refsource": "MISC",
            "url": "https://support.f5.com/csp/article/K47662005"
          }
        ]
      },
      "source": {
        "discovery": "INTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:14.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:14.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:14.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:15.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:15.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:16.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:16.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:16.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:14.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:15.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:15.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:15.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:15.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:15.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:16.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:16.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:16.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:16.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:16.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:16.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:16.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:14.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:16.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:16.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:14.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:16.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:16.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:16.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:16.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:16.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:16.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:16.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:16.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:14.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:14.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:15.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:15.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:15.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:15.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:15.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:16.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:16.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:16.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:16.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2022-28859"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "On F5 BIG-IP 15.1.x versions prior to 15.1.5.1 and 14.1.x versions prior to 14.1.4.6, when installing Net HSM, the scripts (nethsm-safenet-install.sh and nethsm-thales-install.sh) expose the Net HSM partition password. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-532"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K47662005",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.f5.com/csp/article/K47662005"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-05-13T12:56Z",
      "publishedDate": "2022-05-05T17:15Z"
    }
  }
}

GHSA-3H9G-5X56-226C

Vulnerability from github – Published: 2022-05-06 00:00 – Updated: 2022-05-14 00:03

Details

Severity ?

6.5 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-28859"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-05T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "On F5 BIG-IP 15.1.x versions prior to 15.1.5.1 and 14.1.x versions prior to 14.1.4.6, when installing Net HSM, the scripts (nethsm-safenet-install.sh and nethsm-thales-install.sh) expose the Net HSM partition password. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated",
  "id": "GHSA-3h9g-5x56-226c",
  "modified": "2022-05-14T00:03:30Z",
  "published": "2022-05-06T00:00:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28859"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K47662005"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-28859 (GCVE-0-2022-28859)

CERTFR-2022-AVI-419

Solution

CNVD-2022-79948

FKIE_CVE-2022-28859

GSD-2022-28859

GHSA-3H9G-5X56-226C

Tags

Sightings

Nomenclature