cbcvebase.
CVE-2022-23010
published 2022-01-25

CVE-2022-23010: On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a FastL4 profile…

high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a FastL4 profile and an HTTP profile are configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected

78 ranges· showing 25
VendorProductVersion rangeFixed in
f5big-ip_aam
f5big-ip_access_policy_manager
f5big-ip_access_policy_manager11.6.0 – 11.6.5
f5big-ip_access_policy_manager12.1.0 – 12.1.6
f5big-ip_access_policy_manager13.1.0 – 13.1.4
f5big-ip_access_policy_manager>= 14.1.0 < 14.1.4.414.1.4.4
f5big-ip_access_policy_manager>= 15.1.0 < 15.1.4.115.1.4.1
f5big-ip_access_policy_manager>= 16.0.0 < 16.1.016.1.0
f5big-ip_advanced_firewall_manager11.6.0 – 11.6.5
f5big-ip_advanced_firewall_manager12.1.0 – 12.1.6
f5big-ip_advanced_firewall_manager13.1.0 – 13.1.4
f5big-ip_advanced_firewall_manager>= 14.1.0 < 14.1.4.414.1.4.4
f5big-ip_advanced_firewall_manager>= 15.1.0 < 15.1.4.115.1.4.1
f5big-ip_advanced_firewall_manager>= 16.0.0 < 16.1.016.1.0
f5big-ip_afm
f5big-ip_analytics
f5big-ip_analytics11.6.0 – 11.6.5
f5big-ip_analytics12.1.0 – 12.1.6
f5big-ip_analytics13.1.0 – 13.1.4
f5big-ip_analytics>= 14.1.0 < 14.1.4.414.1.4.4
f5big-ip_analytics>= 15.1.0 < 15.1.4.115.1.4.1
f5big-ip_analytics>= 16.0.0 < 16.1.016.1.0
f5big-ip_apm
f5big-ip_application_acceleration_manager11.6.0 – 11.6.5
f5big-ip_application_acceleration_manager12.1.0 – 12.1.6