mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
403 lines
17 KiB
JSON
403 lines
17 KiB
JSON
{
|
|
"id": "CVE-2022-36795",
|
|
"sourceIdentifier": "f5sirt@f5.com",
|
|
"published": "2022-10-19T22:15:11.447",
|
|
"lastModified": "2022-10-21T15:21:25.160",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, and 14.1.x before 14.1.5.1, when an LTM TCP profile with Auto Receive Window Enabled is configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connections."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "En BIG-IP versiones 17.0.x anteriores a 17.0.0.1, 16.1.x anteriores a 16.1.3.1, 15.1.x anteriores a 15.1.7 y 14.1.x anteriores a 14.1.5.1, cuando es configurado un perfil LTM TCP con la Ventana de Recepci\u00f3n Autom\u00e1tica Habilitada en un servidor virtual, el tr\u00e1fico no revelado puede causar que el servidor virtual deje de procesar nuevas conexiones de clientes"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 3.6
|
|
},
|
|
{
|
|
"source": "f5sirt@f5.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "LOW",
|
|
"baseScore": 5.3,
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 1.4
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "f5sirt@f5.com",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-682"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.5.1",
|
|
"matchCriteriaId": "E94575F8-271B-4C99-BD91-5E860E389E16"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.7",
|
|
"matchCriteriaId": "1E336C29-785D-4363-BB00-3ECD1FFEB579"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.1.0",
|
|
"versionEndExcluding": "16.1.3.1",
|
|
"matchCriteriaId": "AE0DB896-63DC-4622-A4DA-5B77A919EDF0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "17.0.0",
|
|
"versionEndExcluding": "17.0.0.1",
|
|
"matchCriteriaId": "7BDA84CE-48B2-40FF-AFDB-260FBF80EDBD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.5.1",
|
|
"matchCriteriaId": "48172A3E-435E-4E60-9775-F6C465107E52"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.7",
|
|
"matchCriteriaId": "1226D02E-50F2-4B75-B524-A11D045E4EB4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.1.0",
|
|
"versionEndExcluding": "16.1.3.1",
|
|
"matchCriteriaId": "EE0CE38A-7167-4DE4-BB9D-CD6DF81FE0F2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "17.0.0",
|
|
"versionEndExcluding": "17.0.0.1",
|
|
"matchCriteriaId": "75E67CD8-E084-4C36-BFA4-311F897CD965"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.5.1",
|
|
"matchCriteriaId": "02C65A16-56CA-4B67-9687-3E154E0C3CB8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.7",
|
|
"matchCriteriaId": "0F88BE16-F358-4DCD-AB1A-9F374EF03244"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.1.0",
|
|
"versionEndExcluding": "16.1.3.1",
|
|
"matchCriteriaId": "1BC32350-1D2B-4284-941B-8B98305C45F0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "17.0.0",
|
|
"versionEndExcluding": "17.0.0.1",
|
|
"matchCriteriaId": "489636E2-99C0-4AC5-BB8E-DF102BC10088"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.5.1",
|
|
"matchCriteriaId": "F7E87FB8-85D9-4011-9F34-5A01E8850EED"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.7",
|
|
"matchCriteriaId": "3E41ADFF-6B66-4251-A642-DDC13E33A643"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.1.0",
|
|
"versionEndExcluding": "16.1.3.1",
|
|
"matchCriteriaId": "83ACDEF1-CF4F-41BF-B256-EA7198BB9208"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "17.0.0",
|
|
"versionEndExcluding": "17.0.0.1",
|
|
"matchCriteriaId": "2D519C4F-22BC-4035-A495-7305CFF8CAD0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.5.1",
|
|
"matchCriteriaId": "E4FFADE1-6D10-412B-84F2-AD6895EF8196"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.7",
|
|
"matchCriteriaId": "DAE8E3A1-0E66-4A4C-BA58-E22AEA8705F7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.1.0",
|
|
"versionEndExcluding": "16.1.3.1",
|
|
"matchCriteriaId": "179FECCD-2795-4194-BED0-18CFEF792E9F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "17.0.0",
|
|
"versionEndIncluding": "17.0.0.1",
|
|
"matchCriteriaId": "0C492BCC-5958-4FBB-B29B-113D6CE41992"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.5.1",
|
|
"matchCriteriaId": "BAE2D795-D387-46A5-ACD3-2D1B4AE2C2BE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.7",
|
|
"matchCriteriaId": "313014B4-8033-4B57-B838-66EE163E86D4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.1.0",
|
|
"versionEndExcluding": "16.1.3.1",
|
|
"matchCriteriaId": "37684CEC-10C0-4B3C-B8F1-BBAAF3C08B61"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "17.0.0",
|
|
"versionEndExcluding": "17.0.0.1",
|
|
"matchCriteriaId": "80FD1CE8-448F-493A-A1FD-C71F73BC1DBC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.5.1",
|
|
"matchCriteriaId": "79D9E57A-C39A-438E-AE73-66B8D966ABBD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.7",
|
|
"matchCriteriaId": "63CACC49-9262-413B-9541-F062FB114957"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.1.0",
|
|
"versionEndExcluding": "16.1.3.1",
|
|
"matchCriteriaId": "58B1F7D1-80E2-4C5E-967C-C48244BA7B43"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "17.0.0",
|
|
"versionEndExcluding": "17.0.0.1",
|
|
"matchCriteriaId": "216A506B-3D78-40E1-8806-CAF5723B0BE0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.5.1",
|
|
"matchCriteriaId": "14817A84-8837-47A1-8EC0-89BFE2B7FFCE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.7",
|
|
"matchCriteriaId": "574B1926-DCF5-4E9E-8368-0EBE6CAE582E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.1.0",
|
|
"versionEndExcluding": "16.1.3.1",
|
|
"matchCriteriaId": "4FE45D7A-BBB1-41AB-B980-B0BE9A3B5E83"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "17.0.0",
|
|
"versionEndExcluding": "17.0.0.1",
|
|
"matchCriteriaId": "21F828BD-4269-41F4-B819-338B2D966F41"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.5.1",
|
|
"matchCriteriaId": "E3096F08-8022-408C-8B9D-E5C66C90F3FC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.7",
|
|
"matchCriteriaId": "45E9C4FB-F76E-4A1C-AD55-7BB7A4BD303A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.1.0",
|
|
"versionEndExcluding": "16.1.3.1",
|
|
"matchCriteriaId": "6A57376D-044D-46E4-9702-ECEF1F8A6380"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "17.0.0",
|
|
"versionEndExcluding": "17.0.0.1",
|
|
"matchCriteriaId": "110DEA26-B703-47E7-9882-249516C91611"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.5.1",
|
|
"matchCriteriaId": "81F01E35-9B1F-4779-A807-1799ACBDE603"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.7",
|
|
"matchCriteriaId": "E25D2597-32D7-4676-9A0C-FCAD8D8900A9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.1.0",
|
|
"versionEndExcluding": "16.1.3.1",
|
|
"matchCriteriaId": "330DF580-A2F8-43A9-A73A-18DAE744352A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "17.0.0",
|
|
"versionEndExcluding": "17.0.0.1",
|
|
"matchCriteriaId": "8DF1F656-90A5-409E-AB17-A4A6D45D0593"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.5.1",
|
|
"matchCriteriaId": "9294B662-A67D-41FB-88E7-5AF1998B31BE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.7",
|
|
"matchCriteriaId": "7C108E49-CF06-493E-8BEE-2FA0F5999AB9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.1.0",
|
|
"versionEndExcluding": "16.1.3.1",
|
|
"matchCriteriaId": "EA2E069B-1FD5-48BE-9468-9C70C2BC30C1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "17.0.0",
|
|
"versionEndExcluding": "17.0.0.1",
|
|
"matchCriteriaId": "781BA15A-EC1A-4DC3-AE57-0B5B9C22D812"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://support.f5.com/csp/article/K52494562",
|
|
"source": "f5sirt@f5.com",
|
|
"tags": [
|
|
"Mitigation",
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |