{ "id": "CVE-2022-41624", "sourceIdentifier": "f5sirt@f5.com", "published": "2022-10-19T22:15:12.413", "lastModified": "2022-10-23T01:54:21.057", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.2, 15.1.x before 15.1.7, 14.1.x before 14.1.5.2, and 13.1.x before 13.1.5.1, when a sideband iRule is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization." }, { "lang": "es", "value": "En BIG-IP versiones 17.0.x anteriores a 17.0.0.1, 16.1.x anteriores a 16.1.3.2, 15.1.x anteriores a 15.1.7, 14.1.x anteriores a 14.1.5.2 y 13.1.x anteriores a 13.1.5.1, cuando es configurada una iRule de banda lateral en un servidor virtual, el tr\u00e1fico no revelado puede causar un aumento en la utilizaci\u00f3n de los recursos de memoria" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 3.6 }, { "source": "f5sirt@f5.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } ] }, "weaknesses": [ { "source": "f5sirt@f5.com", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-401" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndExcluding": "13.1.5.1", "matchCriteriaId": "4A662A6A-26E2-4067-8EED-5FC4FDBCB3A7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.5.2", "matchCriteriaId": "A7802C8A-F3C9-449E-8B26-3B801AA72F11" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.1.0", "versionEndExcluding": "15.1.7", "matchCriteriaId": "1E336C29-785D-4363-BB00-3ECD1FFEB579" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "16.1.0", "versionEndExcluding": "16.1.3.2", "matchCriteriaId": "E5587B34-CEFD-48CE-812D-199BC919DAEB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.0.0", "versionEndExcluding": "17.0.0.1", "matchCriteriaId": "7BDA84CE-48B2-40FF-AFDB-260FBF80EDBD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndExcluding": "13.1.5.1", "matchCriteriaId": "9FEA0429-E662-4EC9-831E-69FFE31D790F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.5.2", "matchCriteriaId": "CEFC7381-8575-4388-86A1-4E44D64524BB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.1.0", "versionEndExcluding": "15.1.7", "matchCriteriaId": "1226D02E-50F2-4B75-B524-A11D045E4EB4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "16.1.0", "versionEndExcluding": "16.1.3.2", "matchCriteriaId": "91EAA978-4C54-4F1F-A144-EB12C5084BE8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.0.0", "versionEndExcluding": "17.0.0.1", "matchCriteriaId": "75E67CD8-E084-4C36-BFA4-311F897CD965" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndExcluding": "13.1.5.1", "matchCriteriaId": "F7AAA631-990E-465E-BFAD-8A1D489B90FC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.5.2", "matchCriteriaId": "28D81E37-0BF6-4EB4-B3FC-3AF37C2F8E43" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.1.0", "versionEndExcluding": "15.1.7", "matchCriteriaId": "0F88BE16-F358-4DCD-AB1A-9F374EF03244" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "versionStartIncluding": "16.1.0", "versionEndExcluding": "16.1.3.2", "matchCriteriaId": "034C29D1-A558-469B-BFF8-850E12299A3F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.0.0", "versionEndExcluding": "17.0.0.1", "matchCriteriaId": "489636E2-99C0-4AC5-BB8E-DF102BC10088" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndExcluding": "13.1.5.1", "matchCriteriaId": "D3F8B83B-92A3-494B-8476-7F7652D5CABB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.5.2", "matchCriteriaId": "03AE48BC-9DF5-4518-945A-D21440EA8E24" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.1.0", "versionEndExcluding": "15.1.7", "matchCriteriaId": "3E41ADFF-6B66-4251-A642-DDC13E33A643" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "16.1.0", "versionEndExcluding": "16.1.3.2", "matchCriteriaId": "6887F42D-11FA-449C-ACB4-7CA40DD1FD84" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.0.0", "versionEndExcluding": "17.0.0.1", "matchCriteriaId": "2D519C4F-22BC-4035-A495-7305CFF8CAD0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndExcluding": "13.1.5.1", "matchCriteriaId": "87CE70BA-48FA-4DFD-A2C2-2A91578E38CC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.5.2", "matchCriteriaId": "682A9D1A-E0D9-4F77-BDED-D437971FD8CE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.1.0", "versionEndExcluding": "15.1.7", "matchCriteriaId": "DAE8E3A1-0E66-4A4C-BA58-E22AEA8705F7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "16.1.0", "versionEndExcluding": "16.1.3.2", "matchCriteriaId": "0C0559F1-610D-437C-B83F-47DE51F426D4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.0.0", "versionEndIncluding": "17.0.0.1", "matchCriteriaId": "0C492BCC-5958-4FBB-B29B-113D6CE41992" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndExcluding": "13.1.5.1", "matchCriteriaId": "F99148BC-ABF0-436F-AA6E-8ACEE8F8FB0C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.5.2", "matchCriteriaId": "0069A904-5997-4824-A478-EF8E79F9BA54" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.1.0", "versionEndExcluding": "15.1.7", "matchCriteriaId": "313014B4-8033-4B57-B838-66EE163E86D4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "16.1.0", "versionEndExcluding": "16.1.3.2", "matchCriteriaId": "5B043BC6-3B74-4865-B4EC-0DC1F913904C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.0.0", "versionEndExcluding": "17.0.0.1", "matchCriteriaId": "80FD1CE8-448F-493A-A1FD-C71F73BC1DBC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndExcluding": "13.1.5.1", "matchCriteriaId": "D60DEA53-8DC7-4DF7-B2DD-56C6FF5935D3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.5.2", "matchCriteriaId": "5BB3A984-9740-45B7-9E97-0570651CACBB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.1.0", "versionEndExcluding": "15.1.7", "matchCriteriaId": "63CACC49-9262-413B-9541-F062FB114957" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "versionStartIncluding": "16.1.0", "versionEndExcluding": "16.1.3.2", "matchCriteriaId": "203C4A5A-A8AD-405C-9204-544646BB6B02" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.0.0", "versionEndExcluding": "17.0.0.1", "matchCriteriaId": "216A506B-3D78-40E1-8806-CAF5723B0BE0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndExcluding": "13.1.5.1", "matchCriteriaId": "9801C81E-DFDE-4E96-ACC4-BE7725DD8258" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.5.2", "matchCriteriaId": "F30388B3-810F-4224-99AB-0D8E3970DE4A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.1.0", "versionEndExcluding": "15.1.7", "matchCriteriaId": "574B1926-DCF5-4E9E-8368-0EBE6CAE582E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "16.1.0", "versionEndExcluding": "16.1.3.2", "matchCriteriaId": "6937CFF7-1052-44F7-BBC4-AF60227BC8C8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.0.0", "versionEndExcluding": "17.0.0.1", "matchCriteriaId": "21F828BD-4269-41F4-B819-338B2D966F41" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndExcluding": "13.1.5.1", "matchCriteriaId": "B095E96E-65C7-4730-8D48-4CF7EDBA2D92" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.5.2", "matchCriteriaId": "5CF80600-9815-40F4-A256-F29B7AE03386" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.1.0", "versionEndExcluding": "15.1.7", "matchCriteriaId": "45E9C4FB-F76E-4A1C-AD55-7BB7A4BD303A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "16.1.0", "versionEndExcluding": "16.1.3.2", "matchCriteriaId": "054CCF6B-8AC8-4125-B855-BF8B46D990EF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.0.0", "versionEndExcluding": "17.0.0.1", "matchCriteriaId": "110DEA26-B703-47E7-9882-249516C91611" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndExcluding": "13.1.5.1", "matchCriteriaId": "978CE04B-13BD-479C-949D-4DEEB9C9C9CF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.5.2", "matchCriteriaId": "F5179A3C-F6B8-4DC0-B493-2EF438A617D6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.1.0", "versionEndExcluding": "15.1.7", "matchCriteriaId": "E25D2597-32D7-4676-9A0C-FCAD8D8900A9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "16.1.0", "versionEndExcluding": "16.1.3.2", "matchCriteriaId": "D16A5A1D-136C-4863-AF39-0AEDA2BB8D17" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.0.0", "versionEndExcluding": "17.0.0.1", "matchCriteriaId": "8DF1F656-90A5-409E-AB17-A4A6D45D0593" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "13.1.0", "versionEndExcluding": "13.1.5.1", "matchCriteriaId": "FF720829-612B-48CE-8CAA-EAB04667A77F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.1.0", "versionEndExcluding": "14.1.5.2", "matchCriteriaId": "6F4E9754-A4DA-41CE-9BB4-A7DDEE844703" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.1.0", "versionEndExcluding": "15.1.7", "matchCriteriaId": "7C108E49-CF06-493E-8BEE-2FA0F5999AB9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "16.1.0", "versionEndExcluding": "16.1.3.2", "matchCriteriaId": "B44EE650-7552-4D4D-BC34-FF8ECC3BF257" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.0.0", "versionEndExcluding": "17.0.0.1", "matchCriteriaId": "781BA15A-EC1A-4DC3-AE57-0B5B9C22D812" } ] } ] } ], "references": [ { "url": "https://support.f5.com/csp/article/K43024307", "source": "f5sirt@f5.com", "tags": [ "Vendor Advisory" ] } ] }