CVE-2022-28859
published 2022-05-05CVE-2022-28859: On F5 BIG-IP 15.1.x versions prior to 15.1.5.1 and 14.1.x versions prior to 14.1.4.6, when installing Net HSM, the scripts (nethsm-safenet-install.sh and…
medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
On F5 BIG-IP 15.1.x versions prior to 15.1.5.1 and 14.1.x versions prior to 14.1.4.6, when installing Net HSM, the scripts (nethsm-safenet-install.sh and nethsm-thales-install.sh) expose the Net HSM partition password. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Affected
156 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | big-ip | >= 14.1.x < 14.1.4.6 | 14.1.4.6 |
| f5 | big-ip | >= 15.1.x < 15.1.5.1 | 15.1.5.1 |
| f5 | big-ip_aam | — | — |
| f5 | big-ip_access_policy_manager | — | — |
| f5 | big-ip_access_policy_manager | — | — |
| f5 | big-ip_access_policy_manager | — | — |
| f5 | big-ip_access_policy_manager | — | — |
| f5 | big-ip_access_policy_manager | — | — |
| f5 | big-ip_access_policy_manager | — | — |
| f5 | big-ip_access_policy_manager | — | — |
| f5 | big-ip_access_policy_manager | — | — |
| f5 | big-ip_access_policy_manager | — | — |
| f5 | big-ip_access_policy_manager | — | — |
| f5 | big-ip_access_policy_manager | — | — |
| f5 | big-ip_access_policy_manager | — | — |
| f5 | big-ip_access_policy_manager | — | — |
| f5 | big-ip_advanced_firewall_manager | — | — |
| f5 | big-ip_advanced_firewall_manager | — | — |
| f5 | big-ip_advanced_firewall_manager | — | — |
| f5 | big-ip_advanced_firewall_manager | — | — |
| f5 | big-ip_advanced_firewall_manager | — | — |
| f5 | big-ip_advanced_firewall_manager | — | — |
| f5 | big-ip_advanced_firewall_manager | — | — |
| f5 | big-ip_advanced_firewall_manager | — | — |
| f5 | big-ip_advanced_firewall_manager | — | — |