CVE-2022-41691
published 2022-10-19CVE-2022-41691: When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate.
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | big-ip_advanced_waf | — | — |
| f5 | big-ip_advanced_waf_asm | >= 14.1.x < 14.1.5.2 | 14.1.5.2 |
| f5 | big-ip_advanced_web_application_firewall | >= 14.1.0 < 14.1.5.2 | 14.1.5.2 |
| f5 | big-ip_application_security_manager | >= 14.1.0 < 14.1.5.2 | 14.1.5.2 |
| f5 | big-ip_asm | — | — |