CVE-2022-41787
published 2022-10-19CVE-2022-41787: In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when DNS profile…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when DNS profile is configured on a virtual server with DNS Express enabled, undisclosed DNS queries with DNSSEC can cause TMM to terminate.
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | big-ip_dns | — | — |
| f5 | big-ip_dns | >= 13.1.x < 13.1.5.1 | 13.1.5.1 |
| f5 | big-ip_dns | >= 14.1.x < 14.1.5.1 | 14.1.5.1 |
| f5 | big-ip_dns | >= 15.1.x < 15.1.6.1 | 15.1.6.1 |
| f5 | big-ip_dns | >= 16.1.x < 16.1.3.1 | 16.1.3.1 |
| f5 | big-ip_dns | >= 17.0.x < 17.0.0.1 | 17.0.0.1 |
| f5 | big-ip_domain_name_system | >= 13.1.0 < 13.1.5.1 | 13.1.5.1 |
| f5 | big-ip_domain_name_system | >= 14.1.0 < 14.1.5.1 | 14.1.5.1 |
| f5 | big-ip_domain_name_system | >= 15.1.0 < 15.1.6.1 | 15.1.6.1 |
| f5 | big-ip_domain_name_system | >= 16.1.0 < 16.1.3.1 | 16.1.3.1 |
| f5 | big-ip_domain_name_system | >= 17.0.0 < 17.0.0.1 | 17.0.0.1 |
| f5 | big-ip_local_traffic_manager | >= 13.1.0 < 13.1.5.1 | 13.1.5.1 |
| f5 | big-ip_local_traffic_manager | >= 14.1.0 < 14.1.5.1 | 14.1.5.1 |
| f5 | big-ip_local_traffic_manager | >= 15.1.0 < 15.1.6.1 | 15.1.6.1 |
| f5 | big-ip_local_traffic_manager | >= 16.1.0 < 16.1.3.1 | 16.1.3.1 |
| f5 | big-ip_local_traffic_manager | >= 17.0.0 < 17.0.0.1 | 17.0.0.1 |
| f5 | big-ip_ltm | — | — |
| f5 | big-ip_ltm | >= 13.1.x < 13.1.5.1 | 13.1.5.1 |
| f5 | big-ip_ltm | >= 14.1.x < 14.1.5.1 | 14.1.5.1 |
| f5 | big-ip_ltm | >= 15.1.x < 15.1.6.1 | 15.1.6.1 |
| f5 | big-ip_ltm | >= 16.1.x < 16.1.3.1 | 16.1.3.1 |
| f5 | big-ip_ltm | >= 17.0.x < 17.0.0.1 | 17.0.0.1 |