CVE-2022-41836
published 2022-10-19CVE-2022-41836: When an 'Attack Signature False Positive Mode' enabled security policy is configured on a virtual server, undisclosed requests can cause the bd process to…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
When an 'Attack Signature False Positive Mode' enabled security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | big-ip_advanced_waf | — | — |
| f5 | big-ip_advanced_waf_asm | >= 15.1.x < 15.1.7 | 15.1.7 |
| f5 | big-ip_advanced_waf_asm | >= 16.1.x < 16.1.3.1 | 16.1.3.1 |
| f5 | big-ip_advanced_waf_asm | >= 17.0.x < 17.0.0.1 | 17.0.0.1 |
| f5 | big-ip_advanced_web_application_firewall | — | — |
| f5 | big-ip_advanced_web_application_firewall | >= 15.1.0 < 15.1.7 | 15.1.7 |
| f5 | big-ip_advanced_web_application_firewall | >= 16.1.0 < 16.1.3.1 | 16.1.3.1 |
| f5 | big-ip_application_security_manager | — | — |
| f5 | big-ip_application_security_manager | >= 15.1.0 < 15.1.7 | 15.1.7 |
| f5 | big-ip_application_security_manager | >= 16.1.0 < 16.1.3.1 | 16.1.3.1 |
| f5 | big-ip_asm | — | — |