Vulnerability-Lookup

CVE-2022-29491 (GCVE-0-2022-29491)

Vulnerability from cvelistv5 – Published: 2022-05-05 16:49 – Updated: 2024-09-16 18:03

Summary

On F5 BIG-IP LTM, Advanced WAF, ASM, or APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a virtual server is configured with HTTP, TCP on one side (client/server), and DTLS on the other (server/client), undisclosed requests can cause the TMM process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-476 - NULL Pointer Dereference

Assigner

References

URL

	Vendor	Product	Version
	F5	BIG-IP LTM, Advanced WAF, ASM, and APM	Affected: 13.1.x Affected: 12.1.x Affected: 11.6.x Unaffected: 17.0.0 , < 17.0.x* (custom) Affected: 16.1.x , < 16.1.2.2 (custom) Affected: 15.1.x , < 15.1.5 (custom) Affected: 14.1.x , < 14.1.4.6 (custom)

CERTFR-2022-AVI-419

Vulnerability from certfr_avis - Published: 2022-05-05 - Updated: 2022-05-05

De multiples vulnérabilités ont été découvertes dans les produits F5. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

F5 BIG-IP (tous modules) versions 17.x antérieures à 17.0.0
F5 BIG-IP (tous modules) versions 16.x antérieures à 16.1.2.2
F5 BIG-IP (tous modules) versions 15.x antérieures à 15.1.5.1
F5 BIG-IP (tous modules) versions antérieures à 14.1.4.6
NGINX App Protect versions antérieures à 3.7.0

Concernant la vulnérabilité critique, immatriculée CVE-2022-1388, l'éditeur propose un correctif de sécurité pour les produits F5 BIG-IP en versions 13.x. Cependant il est très fortement recommandé pour toutes les versions 11.x, 12.x et 13.x de migrer au moins vers la version 14.1.4.6 afin de pouvoir bénéficier de l'intégralité des correctifs de sécurité.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

CNVD-2022-77525

Vulnerability from cnvd - Published: 2022-11-16

Title

F5 BIG-IP代码问题漏洞（CNVD-2022-77525）

Description

F5 BIG-IP是F5公司的一款集成了网络流量编排、负载均衡、智能DNS，远程接入策略管理等功能的应用交付平台。 F5 BIG-IP存在代码问题漏洞，攻击者可利用该漏洞在BIG-IP系统上造成拒绝服务。

Severity

中

Patch Name

F5 BIG-IP代码问题漏洞（CNVD-2022-77525）的补丁

Patch Description

F5 BIG-IP是F5公司的一款集成了网络流量编排、负载均衡、智能DNS，远程接入策略管理等功能的应用交付平台。 F5 BIG-IP存在代码问题漏洞，攻击者可利用该漏洞在BIG-IP系统上造成拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://support.f5.com/csp/article/K14229426

Reference

https://support.f5.com/csp/article/K14229426

Impacted products

Name
['F5 BIG-IP (all modules) >=14.1.0，<=14.1.4', 'F5 BIG-IP (all modules) >=15.1.0，<=15.1.5', 'F5 BIG-IP (all modules) >=16.1.0，<=16.1.2', 'F5 BIG-IP (all modules) >=12.1.0，<=12.1.6', 'F5 BIG-IP (all modules) >=11.6.1，<=11.6.5', 'F5 BIG-IP (all modules) >=13.1.0，<=13.1.5']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-29491",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-29491"
    }
  },
  "description": "F5 BIG-IP\u662fF5\u516c\u53f8\u7684\u4e00\u6b3e\u96c6\u6210\u4e86\u7f51\u7edc\u6d41\u91cf\u7f16\u6392\u3001\u8d1f\u8f7d\u5747\u8861\u3001\u667a\u80fdDNS\uff0c\u8fdc\u7a0b\u63a5\u5165\u7b56\u7565\u7ba1\u7406\u7b49\u529f\u80fd\u7684\u5e94\u7528\u4ea4\u4ed8\u5e73\u53f0\u3002\n\nF5 BIG-IP\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728BIG-IP\u7cfb\u7edf\u4e0a\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://support.f5.com/csp/article/K14229426",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-77525",
  "openTime": "2022-11-16",
  "patchDescription": "F5 BIG-IP\u662fF5\u516c\u53f8\u7684\u4e00\u6b3e\u96c6\u6210\u4e86\u7f51\u7edc\u6d41\u91cf\u7f16\u6392\u3001\u8d1f\u8f7d\u5747\u8861\u3001\u667a\u80fdDNS\uff0c\u8fdc\u7a0b\u63a5\u5165\u7b56\u7565\u7ba1\u7406\u7b49\u529f\u80fd\u7684\u5e94\u7528\u4ea4\u4ed8\u5e73\u53f0\u3002\r\n\r\nF5 BIG-IP\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728BIG-IP\u7cfb\u7edf\u4e0a\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "F5 BIG-IP\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff08CNVD-2022-77525\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "F5 BIG-IP (all modules) \u003e=14.1.0\uff0c\u003c=14.1.4",
      "F5 BIG-IP (all modules) \u003e=15.1.0\uff0c\u003c=15.1.5",
      "F5 BIG-IP (all modules) \u003e=16.1.0\uff0c\u003c=16.1.2",
      "F5 BIG-IP (all modules) \u003e=12.1.0\uff0c\u003c=12.1.6",
      "F5 BIG-IP (all modules) \u003e=11.6.1\uff0c\u003c=11.6.5",
      "F5 BIG-IP (all modules) \u003e=13.1.0\uff0c\u003c=13.1.5"
    ]
  },
  "referenceLink": "https://support.f5.com/csp/article/K14229426",
  "serverity": "\u4e2d",
  "submitTime": "2022-05-07",
  "title": "F5 BIG-IP\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff08CNVD-2022-77525\uff09"
}

GHSA-55JM-H8M6-5GPQ

Vulnerability from github – Published: 2022-05-06 00:00 – Updated: 2022-05-13 00:00

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-29491"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-05T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "On F5 BIG-IP LTM, Advanced WAF, ASM, or APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a virtual server is configured with HTTP, TCP on one side (client/server), and DTLS on the other (server/client), undisclosed requests can cause the TMM process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated",
  "id": "GHSA-55jm-h8m6-5gpq",
  "modified": "2022-05-13T00:00:22Z",
  "published": "2022-05-06T00:00:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29491"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K14229426"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2022-29491

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-29491

Aliases

CVE-2022-29491

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-29491",
    "description": "On F5 BIG-IP LTM, Advanced WAF, ASM, or APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a virtual server is configured with HTTP, TCP on one side (client/server), and DTLS on the other (server/client), undisclosed requests can cause the TMM process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated",
    "id": "GSD-2022-29491"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-29491"
      ],
      "details": "On F5 BIG-IP LTM, Advanced WAF, ASM, or APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a virtual server is configured with HTTP, TCP on one side (client/server), and DTLS on the other (server/client), undisclosed requests can cause the TMM process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated",
      "id": "GSD-2022-29491",
      "modified": "2023-12-13T01:19:42.216503Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "f5sirt@f5.com",
        "DATE_PUBLIC": "2022-05-04T19:36:00.000Z",
        "ID": "CVE-2022-29491",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "BIG-IP LTM, Advanced WAF, ASM, and APM",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "!\u003e=",
                          "version_name": "17.0.x",
                          "version_value": "17.0.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "16.1.x",
                          "version_value": "16.1.2.2"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "15.1.x",
                          "version_value": "15.1.5"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "14.1.x",
                          "version_value": "14.1.4.6"
                        },
                        {
                          "version_affected": "=",
                          "version_name": "13.1.x",
                          "version_value": "13.1.x"
                        },
                        {
                          "version_affected": "=",
                          "version_name": "12.1.x",
                          "version_value": "12.1.x"
                        },
                        {
                          "version_affected": "=",
                          "version_name": "11.6.x",
                          "version_value": "11.6.x"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "F5"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "On F5 BIG-IP LTM, Advanced WAF, ASM, or APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a virtual server is configured with HTTP, TCP on one side (client/server), and DTLS on the other (server/client), undisclosed requests can cause the TMM process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-476 NULL Pointer Dereference"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://support.f5.com/csp/article/K14229426",
            "refsource": "MISC",
            "url": "https://support.f5.com/csp/article/K14229426"
          }
        ]
      },
      "source": {
        "discovery": "INTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:17.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:17.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:17.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2022-29491"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "On F5 BIG-IP LTM, Advanced WAF, ASM, or APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a virtual server is configured with HTTP, TCP on one side (client/server), and DTLS on the other (server/client), undisclosed requests can cause the TMM process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-476"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K14229426",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.f5.com/csp/article/K14229426"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-05-12T20:58Z",
      "publishedDate": "2022-05-05T17:15Z"
    }
  }
}

FKIE_CVE-2022-29491

Vulnerability from fkie_nvd - Published: 2022-05-05 17:15 - Updated: 2024-11-21 06:59

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	f5sirt@f5.com	https://support.f5.com/csp/article/K14229426	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K14229426	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_access_policy_manager	11.6.1
f5	big-ip_access_policy_manager	11.6.2
f5	big-ip_access_policy_manager	11.6.3
f5	big-ip_access_policy_manager	11.6.4
f5	big-ip_access_policy_manager	11.6.5
f5	big-ip_access_policy_manager	12.1.0
f5	big-ip_access_policy_manager	12.1.1
f5	big-ip_access_policy_manager	12.1.2
f5	big-ip_access_policy_manager	12.1.3
f5	big-ip_access_policy_manager	12.1.4
f5	big-ip_access_policy_manager	12.1.5
f5	big-ip_access_policy_manager	12.1.6
f5	big-ip_access_policy_manager	13.1.0
f5	big-ip_access_policy_manager	13.1.1
f5	big-ip_access_policy_manager	13.1.3
f5	big-ip_access_policy_manager	13.1.4
f5	big-ip_access_policy_manager	13.1.5
f5	big-ip_access_policy_manager	14.1.0
f5	big-ip_access_policy_manager	14.1.2
f5	big-ip_access_policy_manager	14.1.3
f5	big-ip_access_policy_manager	14.1.4
f5	big-ip_access_policy_manager	15.1.0
f5	big-ip_access_policy_manager	15.1.1
f5	big-ip_access_policy_manager	15.1.2
f5	big-ip_access_policy_manager	15.1.3
f5	big-ip_access_policy_manager	15.1.4
f5	big-ip_access_policy_manager	15.1.5
f5	big-ip_access_policy_manager	16.1.0
f5	big-ip_access_policy_manager	16.1.1
f5	big-ip_access_policy_manager	16.1.2
f5	big-ip_access_policy_manager	17.0.0
f5	big-ip_advanced_web_application_firewall	11.6.1
f5	big-ip_advanced_web_application_firewall	11.6.2
f5	big-ip_advanced_web_application_firewall	11.6.3
f5	big-ip_advanced_web_application_firewall	11.6.4
f5	big-ip_advanced_web_application_firewall	11.6.5
f5	big-ip_advanced_web_application_firewall	12.1.0
f5	big-ip_advanced_web_application_firewall	12.1.1
f5	big-ip_advanced_web_application_firewall	12.1.2
f5	big-ip_advanced_web_application_firewall	12.1.3
f5	big-ip_advanced_web_application_firewall	12.1.4
f5	big-ip_advanced_web_application_firewall	12.1.5
f5	big-ip_advanced_web_application_firewall	12.1.6
f5	big-ip_advanced_web_application_firewall	13.1.0
f5	big-ip_advanced_web_application_firewall	13.1.1
f5	big-ip_advanced_web_application_firewall	13.1.3
f5	big-ip_advanced_web_application_firewall	13.1.4
f5	big-ip_advanced_web_application_firewall	13.1.5
f5	big-ip_advanced_web_application_firewall	14.1.0
f5	big-ip_advanced_web_application_firewall	14.1.2
f5	big-ip_advanced_web_application_firewall	14.1.3
f5	big-ip_advanced_web_application_firewall	14.1.4
f5	big-ip_advanced_web_application_firewall	15.1.0
f5	big-ip_advanced_web_application_firewall	15.1.1
f5	big-ip_advanced_web_application_firewall	15.1.2
f5	big-ip_advanced_web_application_firewall	15.1.3
f5	big-ip_advanced_web_application_firewall	15.1.4
f5	big-ip_advanced_web_application_firewall	15.1.5
f5	big-ip_advanced_web_application_firewall	16.1.0
f5	big-ip_advanced_web_application_firewall	16.1.1
f5	big-ip_advanced_web_application_firewall	16.1.2
f5	big-ip_advanced_web_application_firewall	17.0.0
f5	big-ip_application_security_manager	11.6.1
f5	big-ip_application_security_manager	11.6.2
f5	big-ip_application_security_manager	11.6.3
f5	big-ip_application_security_manager	11.6.4
f5	big-ip_application_security_manager	11.6.5
f5	big-ip_application_security_manager	12.1.0
f5	big-ip_application_security_manager	12.1.1
f5	big-ip_application_security_manager	12.1.2
f5	big-ip_application_security_manager	12.1.3
f5	big-ip_application_security_manager	12.1.4
f5	big-ip_application_security_manager	12.1.5
f5	big-ip_application_security_manager	12.1.6
f5	big-ip_application_security_manager	13.1.0
f5	big-ip_application_security_manager	13.1.1
f5	big-ip_application_security_manager	13.1.3
f5	big-ip_application_security_manager	13.1.4
f5	big-ip_application_security_manager	13.1.5
f5	big-ip_application_security_manager	14.1.0
f5	big-ip_application_security_manager	14.1.2
f5	big-ip_application_security_manager	14.1.3
f5	big-ip_application_security_manager	14.1.4
f5	big-ip_application_security_manager	15.1.0
f5	big-ip_application_security_manager	15.1.1
f5	big-ip_application_security_manager	15.1.2
f5	big-ip_application_security_manager	15.1.3
f5	big-ip_application_security_manager	15.1.4
f5	big-ip_application_security_manager	15.1.5
f5	big-ip_application_security_manager	16.1.0
f5	big-ip_application_security_manager	16.1.1
f5	big-ip_application_security_manager	16.1.2
f5	big-ip_application_security_manager	17.0.0
f5	big-ip_local_traffic_manager	11.6.1
f5	big-ip_local_traffic_manager	11.6.2
f5	big-ip_local_traffic_manager	11.6.3
f5	big-ip_local_traffic_manager	11.6.4
f5	big-ip_local_traffic_manager	11.6.5
f5	big-ip_local_traffic_manager	12.1.0
f5	big-ip_local_traffic_manager	12.1.1
f5	big-ip_local_traffic_manager	12.1.2
f5	big-ip_local_traffic_manager	12.1.3
f5	big-ip_local_traffic_manager	12.1.4
f5	big-ip_local_traffic_manager	12.1.5
f5	big-ip_local_traffic_manager	12.1.6
f5	big-ip_local_traffic_manager	13.1.0
f5	big-ip_local_traffic_manager	13.1.1
f5	big-ip_local_traffic_manager	13.1.3
f5	big-ip_local_traffic_manager	13.1.4
f5	big-ip_local_traffic_manager	13.1.5
f5	big-ip_local_traffic_manager	14.1.0
f5	big-ip_local_traffic_manager	14.1.2
f5	big-ip_local_traffic_manager	14.1.3
f5	big-ip_local_traffic_manager	14.1.4
f5	big-ip_local_traffic_manager	15.1.0
f5	big-ip_local_traffic_manager	15.1.1
f5	big-ip_local_traffic_manager	15.1.2
f5	big-ip_local_traffic_manager	15.1.3
f5	big-ip_local_traffic_manager	15.1.4
f5	big-ip_local_traffic_manager	15.1.5
f5	big-ip_local_traffic_manager	16.1.0
f5	big-ip_local_traffic_manager	16.1.1
f5	big-ip_local_traffic_manager	16.1.2
f5	big-ip_local_traffic_manager	17.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DEE8658-1C3C-4245-960B-C0EA5A6843AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7461621-52A4-46AF-AD61-651CEF43DF29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9EE524-2CA9-4252-8BC6-0C438C27AA5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F1AB0A-F56D-4154-A992-D4EE722E0922",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2044C-AC6F-4145-B1A0-8EB26DCF1F8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FC866D4-CE8C-4408-AD1E-8643AC554CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7563D979-BE37-4251-B92E-0DBDBE53F3FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "846E0609-BDD4-4B55-AC35-325D437CE2B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "35ADE9D3-F6FF-4418-83B6-42896B200CA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D8503D6-43CC-436E-A9DB-EC99C3E79C43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6781DA7-9577-4FDE-8170-CC8DD90BD1AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5491BC3C-EE0C-43FA-B870-BBF9FC4FADB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "41408E51-04CC-4208-9DBA-0A5A90EFC7A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C90F3BA6-6466-48C5-A621-B44549419496",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79A3A605-EBE9-4C50-B6F4-5FBD385FA8B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3E688B1-28C4-4F9A-9474-381FD22E792D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "25DAD24A-2D43-498E-BC43-183B669EA1FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25A33B9-2485-4D80-8F49-9B4688A39345",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D3E81E7-3E6A-46AD-827D-14046D93144E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9416AE8-7C48-4986-99E8-5F313715B6B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCA6CE41-1D13-4A7A-94D8-C0D5740870A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "29041413-B405-42A6-B9E9-A3E7C3AC1CB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F0C4673-2F1D-45B6-BC18-83EF68BA3601",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0148360C-1167-4FF9-B231-3D53890BD932",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "214D3CD8-6A1A-4119-B107-0363D34B3458",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CA06267-4A87-4249-8A08-5A78BDCEE884",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF96CE38-E834-475C-92AD-97D904D8F831",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "702ACADF-C7FF-43C9-89A9-5F464718F800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7E9747B-6167-4E8B-AF48-AA55C900C872",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:17.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD637AF5-F7D1-428F-955E-16756B7476E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "663B44C5-2807-4FA4-A972-281EFA8CF5DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "992A18FD-F2EF-49BF-BF31-079F93C48A0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "47CDFBFC-DAC1-4A7C-8FCB-A80452E30616",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0377016-010F-4149-82B6-1813A54866A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B99B74E-EC84-4FF6-934D-6B2753AD3CE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "12136FED-2F59-4C39-AD34-67F49DDFFEFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6710C2BB-83D1-4D2F-915E-4BDAFBA1C848",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5FF2B3E-3BA2-407D-BDD5-7308691781C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5314069F-2D5E-4A2D-91D7-C20D434CCB34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFD3D544-55A4-4DDD-BA73-E1CE648A109C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "55635E89-8EC7-4B97-AABD-A4983CDBA693",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4ADA147-8345-4BE5-A078-032CAD86D345",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CB7DF-0C05-409E-9BE1-587717BD2563",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7341E8FE-A103-4818-B38C-CCF2710C999B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "410A7A93-500B-4CBB-8841-16E7DE4101DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "441413AF-290D-43DF-B41E-61DB3598BEB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE4838A8-A7AD-44EE-A5CC-48A32C0E456A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "598EE8AB-76D3-464E-B8C3-47533A22F879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "206EB22C-AC2A-4A4E-8531-98E43EF497DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "769F8D7B-2052-4205-B255-9842A22DF963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F55C04B-A248-47C1-8EF5-933E4CFBB3A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDE52157-F1BB-4BCA-B582-48D826BBD0E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD2EF76F-9A4D-4DEC-B7F6-ED7DAA16766D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F14F4EE-8E16-4E0C-8FAE-5846323DD379",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E330DBEF-9020-49C1-886F-E661334BCC2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "48D32035-7284-4D22-A243-CFEA5B01734B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "927D1FD4-47F3-4A72-A360-B996892C2E47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D6DDE1-8168-4681-8B68-3A3F47090994",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E09B41FA-2A79-447A-9C91-85FFD8099C79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E031E7B7-C66C-4BC7-9BB8-F42A2B9517AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93FAFBD-B361-44AD-9EE5-EE595CAE9EDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0221C238-8DF6-44EA-B390-15EEB180902E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "95599B32-F922-4948-885C-A8DE0CAEE2DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "47300DC0-693E-4971-BAFD-12B16FBD3BBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "46D9C9C4-AF8A-4B51-8AEA-28F5B784AA79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB2118A-0F9C-4273-BB07-85FEA32C785B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8541C9EF-69A8-4641-B173-3BCE0EDD20A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E24A3C71-0075-4738-B114-267337D050CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A906E40D-7386-4A83-89D7-8EA0BDF5ABD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "18433DF6-2F3E-4527-943E-39D64A84B7EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "010F5633-B6B6-4C31-AD04-E1119D75D5B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "15DF249E-7BA6-4321-BFD8-EAAE9DCDFFF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5FDBD38-369B-4007-8D9A-B65B83B2AABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "69F18D98-3C29-4012-8A3A-0D7FB55F5735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "168FDFB8-CD1F-49C7-89BB-87278795E582",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAFFCAB-144B-4C2F-88F8-D35930012F44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D030F54-8F3E-4844-8B51-B93A31805010",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "907FEE11-DF3B-4BE7-9BAE-5F6BE20E469D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "49C435C8-DA39-41AF-9E42-AE50C96F9C66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "817F7B3C-1CAC-4BD3-BD1A-C271C9516701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B89FE04-D25D-4FF0-9421-B8BED0F77997",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "14612AC5-945C-4402-AFF0-5FCE11B7C785",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A03DD77-08C8-482F-8F79-48396ED0BF1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "219F951F-C59B-4844-8558-6D07D067DF7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE8FA530-5502-4FE1-A234-5E313D71B931",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6578F36C-12EF-49E4-9012-2ECCE8770A92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "00141CBE-3AF5-40C3-B9D6-E9E61CFABECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "56FC4AD6-EC04-4BC0-8B13-6AE9805AA8F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1BC7E64-0621-487A-A612-C82CC040FD90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "46203B9C-8815-44FC-809B-A24F988CC5AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:17.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9AB53DF-7335-462E-B8CD-44DF0DCE3826",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4FC2E0F-763D-4C13-A3ED-E5EE0150C2A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0E94252-1980-4EE0-8289-CCD4E5B4F29E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA2478D7-7400-4FC8-84B9-77DB43AFC6B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB3BD31-D6D8-4AEE-B1DF-46ABBDCD5416",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82C7B1C-E195-4D94-B604-78FB464C4F81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F6C3144-D0DE-4248-BFCD-04A7E6104044",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0357B5ED-0600-4756-93E5-692987068596",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "290DB9CD-21EC-4BE7-AD81-DC6178408CC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8836678-CC0D-47A3-A6C8-B4C56CFB3574",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4EDA2C9-9A62-48DF-99A1-F2E7EABD79F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "263197B2-7BEB-48DF-A7A3-A2EA0DA49FA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DD7E85A-BE85-4CA1-B9CB-0888735EA132",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB28BCE-A389-4327-8DB6-D745E0F95C5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC063A34-AB9C-47AC-A6A6-9A920C5E63B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "62F9FDD3-D238-44EF-8AF4-5B1987AA3E2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E37750C-50F3-480A-AA40-23D59F50E4B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A724B2F3-E3FA-456F-9581-0213358B654C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6CE564-D51A-4ACE-8A09-CE65D1713EB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C231E06C-1121-49BD-B5FB-CB45A4D10810",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D001D61-CC58-4FFF-9B1B-44046DB5FAD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "461C4C1D-B0F9-44EF-A535-BCE9FE501A94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC35855-E381-49ED-B929-1B2F1E107615",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E2359AD-205D-49B8-821D-5569F63F91FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "56846B46-E0FC-4921-BE96-368F7CB2FB15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D8FCEF-C962-404B-8663-D11C277F9839",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C07A0B7-25D3-4599-9047-8FF889AD0A23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E2B279F-8EE5-44FD-9EFE-48C652289CF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "69C053C3-AFD9-4A24-83A8-08F8D5614ACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "994D457F-259C-460E-A3E1-CB2F737A2181",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:17.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "73FB842B-33B1-4AD4-AC61-47192A87A785",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "On F5 BIG-IP LTM, Advanced WAF, ASM, or APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a virtual server is configured with HTTP, TCP on one side (client/server), and DTLS on the other (server/client), undisclosed requests can cause the TMM process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
    },
    {
      "lang": "es",
      "value": "En F5 BIG-IP LTM, Advanced WAF, ASM o APM versiones 16.1.x anteriores a 16.1.2.2, las versiones 15.1.x anteriores a 15.1.5, las versiones 14.1.x anteriores a 14.1.4.6 y todas las versiones de 13.1.x, 12.1.x y 11. 6.x, cuando un servidor virtual est\u00e1 configurado con HTTP, TCP en un lado (cliente/servidor), y DTLS en el otro (servidor/cliente), las peticiones no reveladas pueden causar la terminaci\u00f3n del proceso TMM. Nota: Las versiones de software que han alcanzado el Fin de Soporte T\u00e9cnico (EoTS) no son evaluadas"
    }
  ],
  "id": "CVE-2022-29491",
  "lastModified": "2024-11-21T06:59:10.990",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "f5sirt@f5.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-05T17:15:15.233",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K14229426"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K14229426"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "f5sirt@f5.com",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-29491 (GCVE-0-2022-29491)

CERTFR-2022-AVI-419

Solution

CNVD-2022-77525

GHSA-55JM-H8M6-5GPQ

GSD-2022-29491

FKIE_CVE-2022-29491

Tags

Sightings

Nomenclature