CVE-2015-8022

CWE-2643 documents3 sources

Severity

7.5HIGH

EPSS

0.5%

top 32.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

F5 Big-ip Access Policy Manager F5 Big-ip Advanced Firewall Manager F5 Big-ip Analytics +11 more

Timeline

PublishedAug 19

Latest updateMay 14

Description

The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF16 and 11.3.0; and BIG-IP PSM 11.x before 11.2.1…

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages14 packages

▶NVDf5/big-ip_access_policy_manager12 versions+11

▶NVDf5/big-ip_edge_gateway5 versions+4

▶NVDf5/big-ip_link_controller12 versions+11

▶NVDf5/big-ip_policy_enforcement_manager8 versions+7

▶NVDf5/big-ip_analytics12 versions+11

🔴Vulnerability Details

GHSA

GHSA-r4xc-gc5x-c2r7: The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11↗2022-05-14

▶

CVEList

CVE-2015-8022: The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11↗2016-08-19

▶