cbcvebase.
CVE-2022-41983
published 2022-10-19

CVE-2022-41983: On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, while…

low3.7CVSS 3.1
AVNACHPRNUINSUCLINAN
On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, while Intel QAT (QuickAssist Technology) and the AES-GCM/CCM cipher is in use, undisclosed conditions can cause BIG-IP to send data unencrypted even with an SSL Profile applied.

Affected

99 ranges· showing 25
VendorProductVersion rangeFixed in
f5big-ip>= 13.1.0 < 13.1.x*13.1.x*
f5big-ip>= 14.1.x < 14.1.5.114.1.5.1
f5big-ip>= 15.1.x < 15.1.715.1.7
f5big-ip>= 16.1.x < 16.1.3.116.1.3.1
f5big-ip_aam
f5big-ip_access_policy_manager13.1.0 – 13.1.5
f5big-ip_access_policy_manager>= 14.1.0 < 14.1.5.114.1.5.1
f5big-ip_access_policy_manager>= 15.1.0 < 15.1.715.1.7
f5big-ip_access_policy_manager>= 16.1.0 < 16.1.3.116.1.3.1
f5big-ip_advanced_firewall_manager13.1.0 – 13.1.5
f5big-ip_advanced_firewall_manager>= 14.1.0 < 14.1.5.114.1.5.1
f5big-ip_advanced_firewall_manager>= 15.1.0 < 15.1.715.1.7
f5big-ip_advanced_firewall_manager>= 16.1.0 < 16.1.3.116.1.3.1
f5big-ip_advanced_waf
f5big-ip_advanced_web_application_firewall13.1.0 – 13.1.5
f5big-ip_advanced_web_application_firewall>= 14.1.0 < 14.1.5.114.1.5.1
f5big-ip_advanced_web_application_firewall>= 15.1.0 < 15.1.715.1.7
f5big-ip_advanced_web_application_firewall>= 16.1.0 < 16.1.3.116.1.3.1
f5big-ip_afm
f5big-ip_analytics
f5big-ip_analytics13.1.0 – 13.1.5
f5big-ip_analytics>= 14.1.0 < 14.1.5.114.1.5.1
f5big-ip_analytics>= 15.1.0 < 15.1.715.1.7
f5big-ip_analytics>= 16.1.0 < 16.1.3.116.1.3.1
f5big-ip_apm