CVE-2022-28708: On F5 BIG-IP 16.1.x versions prior to 16.1.2.2 and 15.1.x versions prior to 15.1.5.1, when a BIG-IP DNS resolver-enabled, HTTP-Explicit or SOCKS profile is…

medium5.9CVSS 3.1

AVNACHPRNUINSUCNINAH

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2 and 15.1.x versions prior to 15.1.5.1, when a BIG-IP DNS resolver-enabled, HTTP-Explicit or SOCKS profile is configured on a virtual server, an undisclosed DNS response can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Affected

112 ranges· showing 25

Vendor	Product	Version range	Fixed in
f5	big-ip	>= 15.1.x < 15.1.5.1	15.1.5.1
f5	big-ip	>= 16.1.x < 16.1.2.2	16.1.2.2
f5	big-ip_aam	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_advanced_firewall_manager	—	—
f5	big-ip_advanced_firewall_manager	—	—
f5	big-ip_advanced_firewall_manager	—	—
f5	big-ip_advanced_firewall_manager	—	—
f5	big-ip_advanced_firewall_manager	—	—
f5	big-ip_advanced_firewall_manager	—	—
f5	big-ip_advanced_firewall_manager	—	—
f5	big-ip_advanced_firewall_manager	—	—
f5	big-ip_advanced_firewall_manager	—	—
f5	big-ip_afm	—	—
f5	big-ip_analytics	—	—
f5	big-ip_analytics	—	—
f5	big-ip_analytics	—	—