WID-SEC-W-2023-0265
Vulnerability from csaf_certbund
Published
2023-02-01 23:00
Modified
2023-06-28 22:00
Summary
F5 BIG-IP: Multiple vulnerabilities
Notes
As the provider of its own content made available for use, the BSI is responsible under the general laws. Users, however, are responsible for carefully checking in each individual case the use and/or implementation of the information provided with the content.
Product description
F5 FirePass is an SSL VPN gateway from F5 Corporation. BIG-IP is a network appliance on which most F5 products run.
Attack
A remote, authenticated attacker can exploit multiple vulnerabilities in F5 BIG-IP to escalate privileges, execute code, bypass security measures, disclose information and cause a denial of service.
Affected operating systems
- F5 Networks
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "F5 FirePass ist ein SSL-VPN Gateway der F5 Corporation. Die BIG-IP ist eine Netzwerk Appliance auf der die meisten F5 Produkte laufen.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in F5 BIG-IP ausnutzen, um seine Privilegien zu erhöhen, Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und einen Denial of Service zu verursachen.", title: "Angriff", }, { category: "general", text: "- F5 Networks", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-0265 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0265.json", }, { category: "self", summary: "WID-SEC-2023-0265 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0265", }, { category: "external", summary: "F5 Security Advisory vom 2023-06-28", url: "https://my.f5.com/manage/s/article/K83284425", }, { category: "external", summary: "F5 Security Advisory vom 2023-02-01", url: "https://my.f5.com/manage/s/article/K000130496", }, { category: "external", summary: "F5 Security Advisory vom 2023-02-01", 
url: "https://my.f5.com/manage/s/article/K000130415", }, { category: "external", summary: "F5 Security Advisory vom 2023-02-01", url: "https://my.f5.com/manage/s/article/K07143733", }, { category: "external", summary: "F5 Security Advisory vom 2023-02-01", url: "https://my.f5.com/manage/s/article/K08182564", }, { category: "external", summary: "F5 Security Advisory vom 2023-02-01", url: "https://my.f5.com/manage/s/article/K17542533", }, { category: "external", summary: "F5 Security Advisory vom 2023-02-01", url: "https://my.f5.com/manage/s/article/K20717585", }, { category: "external", summary: "F5 Security Advisory vom 2023-02-01", url: "https://my.f5.com/manage/s/article/K24572686", }, { category: "external", summary: "F5 Security Advisory vom 2023-02-01", url: "https://my.f5.com/manage/s/article/K34525368", }, { category: "external", summary: "F5 Security Advisory vom 2023-02-01", url: "https://my.f5.com/manage/s/article/K37708118", }, { category: "external", summary: "F5 Security Advisory vom 2023-02-01", url: "https://my.f5.com/manage/s/article/K43881487", }, { category: "external", summary: "F5 Security Advisory vom 2023-02-01", url: "https://my.f5.com/manage/s/article/K46048342", }, { category: "external", summary: "F5 Security Advisory vom 2023-02-01", url: "https://my.f5.com/manage/s/article/K56412001", }, { category: "external", summary: "F5 Security Advisory vom 2023-02-01", url: "https://my.f5.com/manage/s/article/K56676554", }, { category: "external", summary: "F5 Security Advisory vom 2023-02-01", url: "https://my.f5.com/manage/s/article/K76964818", }, { category: "external", summary: "F5 Security Advisory vom 2023-02-01", url: "https://my.f5.com/manage/s/article/K83284425", }, { category: "external", summary: "F5 Security Advisory vom 2023-02-01", url: "https://my.f5.com/manage/s/article/K95503300", }, ], source_lang: "en-US", title: "F5 BIG-IP: Mehrere Schwachstellen", tracking: { current_release_date: "2023-06-28T22:00:00.000+00:00", generator: { 
date: "2024-08-15T17:42:56.693+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-0265", initial_release_date: "2023-02-01T23:00:00.000+00:00", revision_history: [ { date: "2023-02-01T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-06-28T22:00:00.000+00:00", number: "2", summary: "Neue Updates von F5 aufgenommen", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "F5 BIG-IP < 17.0.0.2", product: { name: "F5 BIG-IP < 17.0.0.2", product_id: "T026108", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:17.0.0.2", }, }, }, { category: "product_name", name: "F5 BIG-IP < 16.1.3.3", product: { name: "F5 BIG-IP < 16.1.3.3", product_id: "T026109", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:16.1.3.3", }, }, }, { category: "product_name", name: "F5 BIG-IP < 14.1.5.3", product: { name: "F5 BIG-IP < 14.1.5.3", product_id: "T026111", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:14.1.5.3", }, }, }, { category: "product_name", name: "F5 BIG-IP < 15.1.8.1", product: { name: "F5 BIG-IP < 15.1.8.1", product_id: "T026112", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:15.1.8.1", }, }, }, { category: "product_name", name: "F5 BIG-IP < 17.1.0", product: { name: "F5 BIG-IP < 17.1.0", product_id: "T027101", product_identification_helper: { cpe: "cpe:/a:f5:big-ip:17.1.0", }, }, }, ], category: "product_name", name: "BIG-IP", }, ], category: "vendor", name: "F5", }, ], }, vulnerabilities: [ { cve: "CVE-2023-23555", notes: [ { category: "description", text: "In F5 BIG-IP existieren mehrere Schwachstellen. Ein Angreifer kann diese Sschwachstellen ausnutzen, um seine Rechte zu erweitern, Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und einen Denial of Service zu verursachen. 
Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Opfers notwendig.", }, ], release_date: "2023-02-01T23:00:00.000+00:00", title: "CVE-2023-23555", }, { cve: "CVE-2023-23552", notes: [ { category: "description", text: "In F5 BIG-IP existieren mehrere Schwachstellen. Ein Angreifer kann diese Sschwachstellen ausnutzen, um seine Rechte zu erweitern, Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und einen Denial of Service zu verursachen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Opfers notwendig.", }, ], release_date: "2023-02-01T23:00:00.000+00:00", title: "CVE-2023-23552", }, { cve: "CVE-2023-22842", notes: [ { category: "description", text: "In F5 BIG-IP existieren mehrere Schwachstellen. Ein Angreifer kann diese Sschwachstellen ausnutzen, um seine Rechte zu erweitern, Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und einen Denial of Service zu verursachen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Opfers notwendig.", }, ], release_date: "2023-02-01T23:00:00.000+00:00", title: "CVE-2023-22842", }, { cve: "CVE-2023-22839", notes: [ { category: "description", text: "In F5 BIG-IP existieren mehrere Schwachstellen. Ein Angreifer kann diese Sschwachstellen ausnutzen, um seine Rechte zu erweitern, Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und einen Denial of Service zu verursachen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Opfers notwendig.", }, ], release_date: "2023-02-01T23:00:00.000+00:00", title: "CVE-2023-22839", }, { cve: "CVE-2023-22664", notes: [ { category: "description", text: "In F5 BIG-IP existieren mehrere Schwachstellen. 
Ein Angreifer kann diese Sschwachstellen ausnutzen, um seine Rechte zu erweitern, Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und einen Denial of Service zu verursachen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Opfers notwendig.", }, ], release_date: "2023-02-01T23:00:00.000+00:00", title: "CVE-2023-22664", }, { cve: "CVE-2023-22422", notes: [ { category: "description", text: "In F5 BIG-IP existieren mehrere Schwachstellen. Ein Angreifer kann diese Sschwachstellen ausnutzen, um seine Rechte zu erweitern, Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und einen Denial of Service zu verursachen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Opfers notwendig.", }, ], release_date: "2023-02-01T23:00:00.000+00:00", title: "CVE-2023-22422", }, { cve: "CVE-2023-22418", notes: [ { category: "description", text: "In F5 BIG-IP existieren mehrere Schwachstellen. Ein Angreifer kann diese Sschwachstellen ausnutzen, um seine Rechte zu erweitern, Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und einen Denial of Service zu verursachen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Opfers notwendig.", }, ], release_date: "2023-02-01T23:00:00.000+00:00", title: "CVE-2023-22418", }, { cve: "CVE-2023-22374", notes: [ { category: "description", text: "In F5 BIG-IP existieren mehrere Schwachstellen. Ein Angreifer kann diese Sschwachstellen ausnutzen, um seine Rechte zu erweitern, Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und einen Denial of Service zu verursachen. 
Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Opfers notwendig.", }, ], release_date: "2023-02-01T23:00:00.000+00:00", title: "CVE-2023-22374", }, { cve: "CVE-2023-22358", notes: [ { category: "description", text: "In F5 BIG-IP existieren mehrere Schwachstellen. Ein Angreifer kann diese Sschwachstellen ausnutzen, um seine Rechte zu erweitern, Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und einen Denial of Service zu verursachen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Opfers notwendig.", }, ], release_date: "2023-02-01T23:00:00.000+00:00", title: "CVE-2023-22358", }, { cve: "CVE-2023-22341", notes: [ { category: "description", text: "In F5 BIG-IP existieren mehrere Schwachstellen. Ein Angreifer kann diese Sschwachstellen ausnutzen, um seine Rechte zu erweitern, Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und einen Denial of Service zu verursachen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Opfers notwendig.", }, ], release_date: "2023-02-01T23:00:00.000+00:00", title: "CVE-2023-22341", }, { cve: "CVE-2023-22340", notes: [ { category: "description", text: "In F5 BIG-IP existieren mehrere Schwachstellen. Ein Angreifer kann diese Sschwachstellen ausnutzen, um seine Rechte zu erweitern, Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und einen Denial of Service zu verursachen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Opfers notwendig.", }, ], release_date: "2023-02-01T23:00:00.000+00:00", title: "CVE-2023-22340", }, { cve: "CVE-2023-22326", notes: [ { category: "description", text: "In F5 BIG-IP existieren mehrere Schwachstellen. 
Ein Angreifer kann diese Sschwachstellen ausnutzen, um seine Rechte zu erweitern, Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und einen Denial of Service zu verursachen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Opfers notwendig.", }, ], release_date: "2023-02-01T23:00:00.000+00:00", title: "CVE-2023-22326", }, { cve: "CVE-2023-22323", notes: [ { category: "description", text: "In F5 BIG-IP existieren mehrere Schwachstellen. Ein Angreifer kann diese Sschwachstellen ausnutzen, um seine Rechte zu erweitern, Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und einen Denial of Service zu verursachen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Opfers notwendig.", }, ], release_date: "2023-02-01T23:00:00.000+00:00", title: "CVE-2023-22323", }, { cve: "CVE-2023-22302", notes: [ { category: "description", text: "In F5 BIG-IP existieren mehrere Schwachstellen. Ein Angreifer kann diese Sschwachstellen ausnutzen, um seine Rechte zu erweitern, Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und einen Denial of Service zu verursachen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Opfers notwendig.", }, ], release_date: "2023-02-01T23:00:00.000+00:00", title: "CVE-2023-22302", }, { cve: "CVE-2023-22283", notes: [ { category: "description", text: "In F5 BIG-IP existieren mehrere Schwachstellen. Ein Angreifer kann diese Sschwachstellen ausnutzen, um seine Rechte zu erweitern, Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und einen Denial of Service zu verursachen. 
Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Opfers notwendig.", }, ], release_date: "2023-02-01T23:00:00.000+00:00", title: "CVE-2023-22283", }, { cve: "CVE-2023-22281", notes: [ { category: "description", text: "In F5 BIG-IP existieren mehrere Schwachstellen. Ein Angreifer kann diese Sschwachstellen ausnutzen, um seine Rechte zu erweitern, Code zur Ausführung zu bringen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen und einen Denial of Service zu verursachen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Opfers notwendig.", }, ], release_date: "2023-02-01T23:00:00.000+00:00", title: "CVE-2023-22281", }, ], }
cve-2023-22281
Vulnerability from cvelistv5
Published
2023-02-01 17:52
Modified
2025-03-26 18:43
Summary
On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP AFM NAT policy with a destination NAT rule is configured on a FastL4 virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:07:05.825Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K46048342", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22281", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T16:00:26.289552Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-26T18:43:23.224Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", modules: [ "AFM", ], product: "BIG-IP", vendor: "F5", versions: [ { lessThan: "17.0.0.2", status: "affected", version: "17.0.0", versionType: "semver", }, { lessThan: "16.1.3.3", status: "affected", version: "16.1.0", versionType: "semver", }, { lessThan: "15.1.8", status: "affected", version: "15.1.0", versionType: "semver", }, { lessThan: "14.1.5.3", status: "affected", version: "14.1.0", versionType: "semver", }, { lessThan: "*", status: "affected", version: "13.1.0", versionType: "semver", }, ], }, ], datePublic: "2023-02-01T15:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP AFM NAT policy with a destination NAT rule is configured on a FastL4 virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. 
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.<br>", }, ], value: "On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP AFM NAT policy with a destination NAT rule is configured on a FastL4 virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-908", description: "CWE-908 Use of Uninitialized Resource", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-01T17:52:27.603Z", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { url: "https://my.f5.com/manage/s/article/K46048342", }, ], source: { discovery: "INTERNAL", }, title: "BIG-IP AFM vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2023-22281", datePublished: "2023-02-01T17:52:27.603Z", dateReserved: "2023-01-13T06:43:37.165Z", dateUpdated: "2025-03-26T18:43:23.224Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22323
Vulnerability from cvelistv5
Published
2023-02-01 17:53
Modified
2025-03-26 15:58
Summary
In BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when an OCSP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:07:05.898Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K56412001", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22323", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T15:57:04.809339Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-26T15:58:46.426Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", modules: [ "All modules", ], product: "BIG-IP", vendor: "F5", versions: [ { lessThan: "17.0.0.2", status: "affected", version: "17.0.0", versionType: "semver", }, { lessThan: "16.1.3.3", status: "affected", version: "16.1.0", versionType: "semver", }, { lessThan: "15.1.8.1", status: "affected", version: "15.1.0", versionType: "semver", }, { lessThan: "14.1.5.3", status: "affected", version: "14.1.0", versionType: "semver", }, { lessThan: "*", status: "affected", version: "13.1.0", versionType: "semver", }, ], }, ], datePublic: "2023-02-01T15:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In BIP-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when OCSP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. 
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.<br>", }, ], value: "In BIP-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when OCSP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770 Allocation of Resources Without Limits or Throttling", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-01T17:53:34.262Z", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { url: "https://my.f5.com/manage/s/article/K56412001", }, ], source: { discovery: "INTERNAL", }, title: "BIG-IP SSL OCSP Authentication profile vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2023-22323", datePublished: "2023-02-01T17:53:34.262Z", dateReserved: "2023-01-13T06:43:37.159Z", dateUpdated: "2025-03-26T15:58:46.426Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22374
Vulnerability from cvelistv5
Published
2023-02-01 17:54
Modified
2025-03-26 17:51
Severity
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H (general)
8.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H (appliance mode)
Summary
A format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or potentially execute arbitrary code. On a BIG-IP in appliance mode, a successful exploit of this vulnerability can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:07:06.534Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K000130415", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22374", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T17:50:54.452809Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-26T17:51:00.789Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", modules: [ "All Modules", ], product: "BIG-IP", vendor: "F5", versions: [ { changes: [ { at: "Engineering Hotfix Available", status: "unaffected", }, ], lessThan: "17.1.0", status: "affected", version: "17.0.0", versionType: "semver", }, { changes: [ { at: "Engineering Hotfix Available", status: "unaffected", }, ], lessThan: "16.1.3.4", status: "affected", version: "16.1.2.2", versionType: "semver", }, { changes: [ { at: "Engineering Hotfix Available", status: "unaffected", }, ], lessThan: "15.1.8.2", status: "affected", version: "15.1.5.1", versionType: "semver", }, { changes: [ { at: "Engineering Hotfix Available", status: "unaffected", }, ], lessThan: "14.1.5.4", status: "affected", version: "14.1.4.6", versionType: "semver", }, { changes: [ { at: "Engineering Hotfix Available", status: "unaffected", }, ], lessThan: "*", status: "affected", version: "13.1.5", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "F5 acknowledges Ron Bowes of Rapid7 for bringing this issue to our attention and following the highest standards of coordinated disclosure.", }, ], datePublic: "2023-02-01T15:00:00.000Z", descriptions: [ { lang: 
"en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary.</span>\n Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.<br>\n\n", }, ], value: "\nA format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary.\n Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "Appliance Mode", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-134", description: "CWE-134 Use of Externally-Controlled Format String", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: 
"2023-10-04T02:11:45.387Z", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { url: "https://my.f5.com/manage/s/article/K000130415", }, ], source: { discovery: "EXTERNAL", }, title: "iControl SOAP vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2023-22374", datePublished: "2023-02-01T17:54:46.798Z", dateReserved: "2023-01-13T06:43:37.145Z", dateUpdated: "2025-03-26T17:51:00.789Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22283
Vulnerability from cvelistv5
Published
2023-02-01 17:52
Modified
2025-03-26 18:43
Summary
On versions beginning in 7.1.5 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client for Windows. User interaction and administrative privileges are required to exploit this vulnerability because the victim user needs to run the executable on the system and the attacker requires administrative privileges for modifying the files in the trusted search path. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Impacted products

Vendor | Product | Version
---|---|---
F5 | APM Clients | 7.1.5 ≤ version < 7.2.3.1
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:07:06.158Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K07143733", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22283", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T16:00:02.071519Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-26T18:43:36.643Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Windows", ], product: "APM Clients", vendor: "F5", versions: [ { lessThan: "7.2.3.1", status: "affected", version: "7.1.5", versionType: "semver", }, { lessThan: "*", status: "unaffected", version: "7.2.4", versionType: "semver", }, ], }, ], datePublic: "2023-02-01T15:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "On versions beginning in 7.1.5 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client for Windows. User interaction and administrative privileges are required to exploit this vulnerability because the victim user needs to run the executable on the system and the attacker requires administrative privileges for modifying the files in the trusted search path. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.<br>", }, ], value: "On versions beginning in 7.1.5 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client for Windows. 
User interaction and administrative privileges are required to exploit this vulnerability because the victim user needs to run the executable on the system and the attacker requires administrative privileges for modifying the files in the trusted search path. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-427", description: "CWE-427 Uncontrolled Search Path Element", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-03T23:52:40.793Z", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { url: "https://my.f5.com/manage/s/article/K07143733", }, ], source: { discovery: "INTERNAL", }, title: "BIG-IP Edge Client for Windows vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2023-22283", datePublished: "2023-02-01T17:52:57.233Z", dateReserved: "2023-01-13T06:43:46.165Z", dateUpdated: "2025-03-26T18:43:36.643Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22418
Vulnerability from cvelistv5
Published
2023-02-01 17:55
Modified
2025-03-26 17:50
Summary
On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.7, 14.1.x before 14.1.5.3, and all versions of 13.1.x, an open redirect vulnerability exists on virtual servers enabled with a BIG-IP APM access policy. This vulnerability allows an unauthenticated malicious attacker to build an open redirect URI. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:07:06.608Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K95503300", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22418", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T17:50:27.818372Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-26T17:50:34.184Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", modules: [ "APM", ], product: "BIG-IP", vendor: "F5", versions: [ { lessThan: "17.0.0.2", status: "affected", version: "17.0.0", versionType: "semver", }, { lessThan: "16.1.3.3", status: "affected", version: "16.1.0", versionType: "semver", }, { lessThan: "15.1.7", status: "affected", version: "15.1.0", versionType: "semver", }, { lessThan: "14.1.5.3", status: "affected", version: "14.1.0", versionType: "semver", }, { lessThan: "*", status: "affected", version: "13.1.0", versionType: "semver", }, ], }, ], datePublic: "2023-02-01T15:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.7, 14.1.x before 14.1.5.3, and all versions of 13.1.x, an open redirect vulnerability exists on virtual servers enabled with a BIG-IP APM access policy. This vulnerability allows an unauthenticated malicious attacker to build an open redirect URI. 
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.<br>", }, ], value: "On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.7, 14.1.x before 14.1.5.3, and all versions of 13.1.x, an open redirect vulnerability exists on virtual servers enabled with a BIG-IP APM access policy. This vulnerability allows an unauthenticated malicious attacker to build an open redirect URI. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-601", description: "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-01T17:55:14.224Z", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { url: "https://my.f5.com/manage/s/article/K95503300", }, ], source: { discovery: "INTERNAL", }, title: "BIG-IP APM virtual server vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2023-22418", datePublished: "2023-02-01T17:55:14.224Z", dateReserved: "2023-01-13T06:43:46.170Z", dateUpdated: "2025-03-26T17:50:34.184Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22341
Vulnerability from cvelistv5
Published
2023-02-01 17:54
Modified
2025-03-26 18:02
Summary
On version 14.1.x before 14.1.5.3, and all versions of 13.1.x, when the BIG-IP APM system is configured with all the following elements, undisclosed requests may cause the Traffic Management Microkernel (TMM) to terminate:
* An OAuth Server that references an OAuth Provider
* An OAuth profile with the Authorization Endpoint set to '/'
* An access profile that references the above OAuth profile and is associated with an HTTPS virtual server
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:07:06.396Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K20717585", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22341", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T18:02:27.883714Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-26T18:02:34.827Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", modules: [ "APM", ], product: "BIG-IP", vendor: "F5", versions: [ { lessThan: "14.1.5.3", status: "affected", version: "14.1.0", versionType: "semver", }, { lessThan: "*", status: "affected", version: "13.1.0", versionType: "semver", }, ], }, ], datePublic: "2023-02-01T15:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>On version 14.1.x before 14.1.5.3, and all versions of 13.1.x, when the BIG-IP APM system is configured with all the following elements, undisclosed requests may cause the Traffic Management Microkernel (TMM) to terminate:</p><ul><li>An OAuth Server that references an OAuth Provider</li><li>An OAuth profile with the Authorization Endpoint set to '/'</li><li>An access profile that references the above OAuth profile and is associated with an HTTPS virtual server </li></ul>Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.<br>\n\n", }, ], value: "On version 14.1.x before 14.1.5.3, and all versions of 13.1.x, when the BIG-IP APM system is configured with all the following elements, undisclosed requests may cause the Traffic Management Microkernel (TMM) to terminate:\n\n * An OAuth 
Server that references an OAuth Provider\n * An OAuth profile with the Authorization Endpoint set to '/'\n * An access profile that references the above OAuth profile and is associated with an HTTPS virtual server \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-01T17:54:17.997Z", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { url: "https://my.f5.com/manage/s/article/K20717585", }, ], source: { discovery: "INTERNAL", }, title: "BIG-IP APM OAuth vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2023-22341", datePublished: "2023-02-01T17:54:17.997Z", dateReserved: "2023-01-13T06:43:37.170Z", dateUpdated: "2025-03-26T18:02:34.827Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-23555
Vulnerability from cvelistv5
Published
2023-02-01 17:57
Modified
2025-03-26 15:59
Summary
On BIG-IP Virtual Edition versions 15.1.x beginning in 15.1.4 to before 15.1.8 and 14.1.x beginning in 14.1.5 to before 14.1.5.3, and BIG-IP SPK beginning in 1.5.0 to before 1.6.0, when FastL4 profile is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Impacted products
Vendor | Product | Version
---|---|---
F5 | BIG-IP | 15.1.4 ≤ version < 15.1.8
F5 | BIG-IP | 14.1.5 ≤ version < 14.1.5.3
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:35:33.615Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K24572686", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-23555", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T15:56:12.818627Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-26T15:59:59.546Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", modules: [ "All modules", ], product: "BIG-IP", vendor: "F5", versions: [ { lessThan: "15.1.8", status: "affected", version: "15.1.4", versionType: "semver", }, { lessThan: "14.1.5.3", status: "affected", version: "14.1.5", versionType: "semver", }, ], }, { defaultStatus: "unknown", product: "BIG-IP SPK", vendor: "F5", versions: [ { lessThan: "1.6.0", status: "affected", version: "1.5.0", versionType: "semver", }, ], }, ], datePublic: "2023-02-01T15:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "On BIG-IP Virtual Edition versions 15.1x beginning in 15.1.4 to before 15.1.8 and 14.1.x beginning in 14.1.5 to before 14.1.5.3, and BIG-IP SPK beginning in 1.5.0 to before 1.6.0, when FastL4 profile is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. 
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.<br>", }, ], value: "On BIG-IP Virtual Edition versions 15.1x beginning in 15.1.4 to before 15.1.8 and 14.1.x beginning in 14.1.5 to before 14.1.5.3, and BIG-IP SPK beginning in 1.5.0 to before 1.6.0, when FastL4 profile is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-665", description: "CWE-665 Improper Initialization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-01T17:57:02.731Z", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { url: "https://my.f5.com/manage/s/article/K24572686", }, ], source: { discovery: "INTERNAL", }, title: "BIG-IP Virtual Edition vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2023-23555", datePublished: "2023-02-01T17:57:02.731Z", dateReserved: "2023-01-13T06:43:46.147Z", dateUpdated: "2025-03-26T15:59:59.546Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-23552
Vulnerability from cvelistv5
Published
2023-02-01 17:56
Modified
2025-03-25 19:23
Summary
On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.0 before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP Advanced WAF or BIG-IP ASM security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:35:32.997Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K17542533", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-23552", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-25T19:22:46.817452Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-25T19:23:00.904Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", modules: [ "ASM", "Advanced WAF", ], product: "BIG-IP", vendor: "F5", versions: [ { lessThan: "17.0.0.2", status: "affected", version: "17.0.0", versionType: "semver", }, { lessThan: "16.1.3.3", status: "affected", version: "16.1.0", versionType: "semver", }, { lessThan: "15.1.8", status: "affected", version: "15.1.0", versionType: "semver", }, { lessThan: "14.1.5.3", status: "affected", version: "14.1.0", versionType: "semver", }, { lessThan: "*", status: "affected", version: "13.1.0", versionType: "semver", }, ], }, ], datePublic: "2023-02-01T15:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.0 before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP Advanced WAF or BIG-IP ASM security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. 
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.<br>", }, ], value: "On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.0 before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP Advanced WAF or BIG-IP ASM security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-01T17:56:47.576Z", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { url: "https://my.f5.com/manage/s/article/K17542533", }, ], source: { discovery: "INTERNAL", }, title: "BIG-IP Advanced WAF and ASM vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2023-23552", datePublished: "2023-02-01T17:56:47.576Z", dateReserved: "2023-01-13T06:43:37.181Z", dateUpdated: "2025-03-25T19:23:00.904Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22302
Vulnerability from cvelistv5
Published
2023-02-01 17:53
Modified
2025-03-26 15:58
Summary
In BIG-IP versions 17.0.x before 17.0.0.2, and 16.1.x beginning in 16.1.2.2 to before 16.1.3.3, when an HTTP profile is configured on a virtual server and conditions beyond the attacker’s control exist on the target pool member, undisclosed requests sent to the BIG-IP system can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:07:05.929Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K58550078", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22302", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T15:57:36.687331Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-26T15:58:24.750Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", modules: [ "All modules", ], product: "BIG-IP", vendor: "F5", versions: [ { lessThan: "17.0.0.2", status: "affected", version: "17.0.0", versionType: "semver", }, { lessThan: "16.1.3.3", status: "affected", version: "16.1.2.2", versionType: "semver", }, ], }, ], datePublic: "2023-02-01T15:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In BIG-IP versions 17.0.x before 17.0.0.2, and 16.1.x beginning in 16.1.2.2 to before 16.1.3.3, when an HTTP profile is configured on a virtual server and conditions beyond the attacker’s control exist on the target pool member, undisclosed requests sent to the BIG-IP system can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.<br>", }, ], value: "In BIG-IP versions 17.0.x before 17.0.0.2, and 16.1.x beginning in 16.1.2.2 to before 16.1.3.3, when an HTTP profile is configured on a virtual server and conditions beyond the attacker’s control exist on the target pool member, undisclosed requests sent to the BIG-IP system can cause the Traffic Management Microkernel (TMM) to terminate. 
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-772", description: "CWE-772 Missing Release of Resource after Effective Lifetime", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-01T17:53:19.320Z", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { url: "https://my.f5.com/manage/s/article/K58550078", }, ], source: { discovery: "INTERNAL", }, title: "BIG-IP HTTP profile vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2023-22302", datePublished: "2023-02-01T17:53:19.320Z", dateReserved: "2023-01-13T06:43:46.174Z", dateUpdated: "2025-03-26T15:58:24.750Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22839
Vulnerability from cvelistv5
Published
2023-02-01 17:56
Modified
2025-03-26 17:48
Summary
On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:20:31.223Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K37708118", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22839", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T17:48:19.712757Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-26T17:48:26.847Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", modules: [ "DNS", "LTM enabled with DNS Services license", ], product: "BIG-IP", vendor: "F5", versions: [ { lessThan: "17.0.0.2", status: "affected", version: "17.0.0", versionType: "semver", }, { lessThan: "16.1.3.3", status: "affected", version: "16.1.0", versionType: "semver", }, { lessThan: "15.1.8.1", status: "affected", version: "15.1.0", versionType: "semver", }, { lessThan: "14.1.5.3", status: "affected", version: "14.1.0", versionType: "semver", }, { lessThan: "*", status: "affected", version: "13.1.0", versionType: "semver", }, ], }, ], datePublic: "2023-02-01T15:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. 
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.<br>", }, ], value: "On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-01T17:56:26.064Z", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { url: "https://my.f5.com/manage/s/article/K37708118", }, ], source: { discovery: "INTERNAL", }, title: "BIG-IP DNS profile vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2023-22839", datePublished: "2023-02-01T17:56:26.064Z", dateReserved: "2023-01-13T06:43:46.141Z", dateUpdated: "2025-03-26T17:48:26.847Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22422
Vulnerability from cvelistv5
Published
2023-02-01 17:55
Modified
2025-03-26 17:50
Summary
On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, when an HTTP profile with the non-default Enforcement options of Enforce HTTP Compliance and Unknown Methods: Reject is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:07:06.646Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K43881487", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22422", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T17:49:59.430119Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-26T17:50:07.685Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", modules: [ "All modules", ], product: "BIG-IP", vendor: "F5", versions: [ { lessThan: "17.0.0.2", status: "affected", version: "17.0.0", versionType: "semver", }, { lessThan: "16.1.3.3", status: "affected", version: "16.1.0", versionType: "semver", }, ], }, ], datePublic: "2023-02-01T15:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, when a HTTP profile with the non-default Enforcement options of <b>Enforce HTTP Compliance</b> and <b>Unknown Methods: Reject</b> are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.<br>", }, ], value: "On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, when a HTTP profile with the non-default Enforcement options of Enforce HTTP Compliance and Unknown Methods: Reject are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. 
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-01T17:55:51.536Z", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { url: "https://my.f5.com/manage/s/article/K43881487", }, ], source: { discovery: "INTERNAL", }, title: "HTTP profile vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2023-22422", datePublished: "2023-02-01T17:55:51.536Z", dateReserved: "2023-01-13T06:43:37.206Z", dateUpdated: "2025-03-26T17:50:07.685Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22842
Vulnerability from cvelistv5
Published
2023-02-01 17:56
Modified
2025-03-26 17:47
Summary
On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:20:30.781Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K08182564", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22842", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T17:47:42.764431Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-26T17:47:52.262Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", modules: [ "All modules", ], product: "BIG-IP", vendor: "F5", versions: [ { lessThan: "*", status: "unaffected", version: "17.0.0", versionType: "semver", }, { lessThan: "16.1.3.3", status: "affected", version: "16.1.0", versionType: "semver", }, { lessThan: "15.1.8.1", status: "affected", version: "15.1.0", versionType: "semver", }, { lessThan: "14.1.5.3", status: "affected", version: "14.1.0", versionType: "semver", }, { lessThan: "*", status: "affected", version: "13.1.0", versionType: "semver", }, ], }, ], datePublic: "2023-02-01T15:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. 
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.<br>", }, ], value: "On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "CWE-121 Stack-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-01T17:56:36.634Z", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { url: "https://my.f5.com/manage/s/article/K08182564", }, ], source: { discovery: "INTERNAL", }, title: "BIG-IP SIP profile vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2023-22842", datePublished: "2023-02-01T17:56:36.634Z", dateReserved: "2023-01-13T06:43:37.199Z", dateUpdated: "2025-03-26T17:47:52.262Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22326
Vulnerability from cvelistv5
Published
2023-02-01 17:53
Modified
2025-03-26 15:59
Severity
4.9 MEDIUM (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)
Summary
In BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, and all versions of BIG-IQ 8.x and 7.1.x, incorrect permission assignment vulnerabilities exist in the iControl REST and TMOS shell (tmsh) dig command which may allow an authenticated attacker with resource administrator or administrator role privileges to view sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
https://my.f5.com/manage/s/article/K83284425
Impacted products
Vendor | Product | Version
---|---|---
F5 | BIG-IP | 17.0.0 ≤ version < 17.0.0.2
F5 | BIG-IP | 16.1.0 ≤ version < 16.1.3.3
F5 | BIG-IP | 15.1.0 ≤ version < 15.1.8.1
F5 | BIG-IP | 14.1.0 ≤ version < 14.1.5.3
F5 | BIG-IP | 13.1.0 ≤ version (all 13.1.x)
F5 | BIG-IQ Centralized Management | 8.0.0 ≤ version (all 8.x)
F5 | BIG-IQ Centralized Management | 7.1.0 ≤ version (all 7.1.x)
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:07:06.431Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K83284425", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22326", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T15:56:47.550240Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-26T15:59:43.461Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", modules: [ "All modules", ], product: "BIG-IP", vendor: "F5", versions: [ { lessThan: "17.0.0.2", status: "affected", version: "17.0.0", versionType: "semver", }, { lessThan: "16.1.3.3", status: "affected", version: "16.1.0", versionType: "semver", }, { lessThan: "15.1.8.1", status: "affected", version: "15.1.0", versionType: "semver", }, { lessThan: "14.1.5.3", status: "affected", version: "14.1.0", versionType: "semver", }, { lessThan: "*", status: "affected", version: "13.1.0", versionType: "semver", }, ], }, { defaultStatus: "unknown", product: "BIG-IQ Centralized Management", vendor: "F5", versions: [ { lessThan: "*", status: "affected", version: "8.0.0", versionType: "semver", }, { lessThan: "*", status: "affected", version: "7.1.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "F5 acknowledges Guillaume Goessel of Aon’s Cyber Labs for bringing this issue to our attention and following the highest standards of coordinated disclosure.", }, ], datePublic: "2023-02-01T15:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<b></b>In BIG-IP versions 17.0.x before 
17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, and all versions of BIG-IQ 8.x and 7.1.x, incorrect permission assignment vulnerabilities exist in the iControl REST and TMOS shell (<b>tmsh</b>) dig command which may allow an authenticated attacker with resource administrator or administrator role privileges to view sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.<br>", }, ], value: "In BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, and all versions of BIG-IQ 8.x and 7.1.x, incorrect permission assignment vulnerabilities exist in the iControl REST and TMOS shell (tmsh) dig command which may allow an authenticated attacker with resource administrator or administrator role privileges to view sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-732", description: "CWE-732 Incorrect Permission Assignment for Critical Resource", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-01T17:53:45.327Z", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { url: "https://my.f5.com/manage/s/article/K83284425", }, ], source: { discovery: "EXTERNAL", }, title: "iControl REST and tmsh vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { 
assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2023-22326", datePublished: "2023-02-01T17:53:45.327Z", dateReserved: "2023-01-13T06:43:46.180Z", dateUpdated: "2025-03-26T15:59:43.461Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22358
Vulnerability from cvelistv5
Published
2023-02-01 17:54
Modified
2025-03-26 18:02
Severity
7.8 HIGH (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Summary
In versions beginning with 7.2.2 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client Windows Installer. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
https://my.f5.com/manage/s/article/K76964818
Impacted products
Vendor | Product | Version
---|---|---
F5 | APM Clients (Windows) | 7.2.2 ≤ version < 7.2.3.1 (7.2.4 and later unaffected)
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:07:06.328Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K76964818", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22358", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T18:02:04.472673Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-26T18:02:11.485Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", platforms: [ "Windows", ], product: "APM Clients", vendor: "F5", versions: [ { lessThan: "7.2.3.1", status: "affected", version: "7.2.2", versionType: "semver", }, { lessThan: "*", status: "unaffected", version: "7.2.4", versionType: "semver", }, ], }, ], datePublic: "2023-02-01T15:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In versions beginning with 7.2.2 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client Windows Installer. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.<br>", }, ], value: "In versions beginning with 7.2.2 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client Windows Installer. 
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-427", description: "CWE-427 Uncontrolled Search Path Element", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-01T17:54:31.501Z", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { url: "https://my.f5.com/manage/s/article/K76964818", }, ], source: { discovery: "INTERNAL", }, title: "BIG-IP Edge Client for Windows vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2023-22358", datePublished: "2023-02-01T17:54:31.501Z", dateReserved: "2023-01-13T06:43:46.155Z", dateUpdated: "2025-03-26T18:02:11.485Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22340
Vulnerability from cvelistv5
Published
2023-02-01 17:54
Modified
2025-03-26 18:03
Severity
7.5 HIGH (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Summary
On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
https://my.f5.com/manage/s/article/K34525368
Impacted products
Vendor | Product | Version
---|---|---
F5 | BIG-IP | 16.1.0 ≤ version < 16.1.3.3
F5 | BIG-IP | 15.1.0 ≤ version < 15.1.8
F5 | BIG-IP | 14.1.0 ≤ version < 14.1.5.3
F5 | BIG-IP | 13.1.0 ≤ version (all 13.1.x; 17.0.x unaffected)
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:07:05.923Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K34525368", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22340", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T18:02:53.906382Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-26T18:03:01.098Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", modules: [ "All modules", ], product: "BIG-IP", vendor: "F5", versions: [ { lessThan: "*", status: "unaffected", version: "17.0.0", versionType: "semver", }, { lessThan: "16.1.3.3", status: "affected", version: "16.1.0", versionType: "semver", }, { lessThan: "15.1.8", status: "affected", version: "15.1.0", versionType: "semver", }, { lessThan: "14.1.5.3", status: "affected", version: "14.1.0", versionType: "semver", }, { lessThan: "*", status: "affected", version: "13.1.0", versionType: "semver", }, ], }, ], datePublic: "2023-02-01T15:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause TMM to terminate. 
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.<br>", }, ], value: "On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-01T17:54:06.566Z", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { url: "https://my.f5.com/manage/s/article/K34525368", }, ], source: { discovery: "INTERNAL", }, title: "BIG-IP SIP profile vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2023-22340", datePublished: "2023-02-01T17:54:06.566Z", dateReserved: "2023-01-13T06:43:37.186Z", dateUpdated: "2025-03-26T18:03:01.098Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22664
Vulnerability from cvelistv5
Published
2023-02-01 17:56
Modified
2025-03-26 17:48
Severity
7.5 HIGH (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Summary
On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, and BIG-IP SPK starting in version 1.6.0, when a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
https://my.f5.com/manage/s/article/K56676554
Impacted products
Vendor | Product | Version
---|---|---
F5 | BIG-IP | 17.0.0 ≤ version < 17.0.0.2
F5 | BIG-IP | 16.1.0 ≤ version < 16.1.3.3
F5 | BIG-IP SPK | 1.6.0 ≤ version (all releases from 1.6.0)
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:13:49.717Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://my.f5.com/manage/s/article/K56676554", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22664", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T17:48:50.458671Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-26T17:48:59.560Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", modules: [ "All modules", ], product: "BIG-IP", vendor: "F5", versions: [ { lessThan: "17.0.0.2", status: "affected", version: "17.0.0", versionType: "semver", }, { lessThan: "16.1.3.3", status: "affected", version: "16.1.0", versionType: "semver", }, ], }, { defaultStatus: "unknown", product: "BIG-IP SPK", vendor: "F5", versions: [ { lessThan: "*", status: "affected", version: "1.6.0", versionType: "semver", }, ], }, ], datePublic: "2023-02-01T15:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, and BIG-IP SPK starting in version 1.6.0, when a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, undisclosed requests can cause an increase in memory resource utilization. 
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.<br>", }, ], value: "On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, and BIG-IP SPK starting in version 1.6.0, when a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-01T17:56:15.585Z", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { url: "https://my.f5.com/manage/s/article/K56676554", }, ], source: { discovery: "INTERNAL", }, title: "BIG-IP HTTP/2 profile vulnerability", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2023-22664", datePublished: "2023-02-01T17:56:15.585Z", dateReserved: "2023-01-13T06:43:37.176Z", dateUpdated: "2025-03-26T17:48:59.560Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
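Every record above carries its affected versions as cvelistv5 `affected[].versions` elements (`version`, `lessThan`, `status`, `versionType: semver`), and the fix boundaries differ per branch and per CVE (15.1.8 for CVE-2023-22340 but 15.1.8.1 for the others), so reading them by eye is error-prone. The following is an added example, not code from the vulnerability-lookup site or from F5: it evaluates an installed version against those arrays. The two `affected` arrays are copied from the CVE-2023-22326 and CVE-2023-22358 records on this page; the hostnames in the inventory are constructed. The way a candidate is mapped onto a range (the element with the highest `version` not above the candidate decides, `lessThan: "*"` covers the whole branch, anything at or past `lessThan` is a fixed build) is this example's assumption about how F5 writes per-branch records, not a guarantee of the CVE 5.1 schema, and a version that sits below every listed branch falls through to `defaultStatus`, which is `unknown` here and corresponds to the "End of Technical Support versions are not evaluated" note. The function names `parse_version`, `version_lt`, `evaluate` and `status_for` are this example's own.

```python
"""Evaluate cvelistv5 `affected` version ranges against an installed version.

Added example for this page; not code from vulnerability-lookup or F5.
The `affected` arrays are copied from the CVE-2023-22326 and CVE-2023-22358
records. The per-branch interpretation in evaluate() is an assumption about
F5's records, not something the CVE 5.1 schema promises for every CNA.
"""
from __future__ import annotations

from itertools import zip_longest

# Copied from the cna.affected arrays of the records shown on this page.
CVE_2023_22326_AFFECTED = [
    {"defaultStatus": "unknown", "vendor": "F5", "product": "BIG-IP", "versions": [
        {"version": "17.0.0", "lessThan": "17.0.0.2", "status": "affected", "versionType": "semver"},
        {"version": "16.1.0", "lessThan": "16.1.3.3", "status": "affected", "versionType": "semver"},
        {"version": "15.1.0", "lessThan": "15.1.8.1", "status": "affected", "versionType": "semver"},
        {"version": "14.1.0", "lessThan": "14.1.5.3", "status": "affected", "versionType": "semver"},
        {"version": "13.1.0", "lessThan": "*", "status": "affected", "versionType": "semver"},
    ]},
    {"defaultStatus": "unknown", "vendor": "F5", "product": "BIG-IQ Centralized Management", "versions": [
        {"version": "8.0.0", "lessThan": "*", "status": "affected", "versionType": "semver"},
        {"version": "7.1.0", "lessThan": "*", "status": "affected", "versionType": "semver"},
    ]},
]
CVE_2023_22358_AFFECTED = [
    {"defaultStatus": "unknown", "vendor": "F5", "product": "APM Clients", "platforms": ["Windows"], "versions": [
        {"version": "7.2.2", "lessThan": "7.2.3.1", "status": "affected", "versionType": "semver"},
        {"version": "7.2.4", "lessThan": "*", "status": "unaffected", "versionType": "semver"},
    ]},
]


def parse_version(text: str) -> tuple[int, ...]:
    """'16.1.3.3' -> (16, 1, 3, 3). Only dotted integers are accepted."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unsupported version string: {text!r}")
    return tuple(int(p) for p in parts)


def version_lt(a: tuple[int, ...], b: tuple[int, ...]) -> bool:
    """a < b with missing trailing parts read as 0, so 15.1.8 < 15.1.8.1."""
    for x, y in zip_longest(a, b, fillvalue=0):
        if x != y:
            return x < y
    return False


def evaluate(entry: dict, candidate: str) -> str:
    """Return 'affected', 'unaffected' or entry['defaultStatus'] for one product.

    Assumed reading of these F5 records: each element of `versions` opens a
    release branch at `version`; the element that applies is the one with the
    highest `version` that is <= candidate. Inside it, lessThan == "*" means
    the whole branch carries `status`; otherwise `status` holds for
    version <= candidate < lessThan, and a build at or past lessThan is the
    fixed release, reported as 'unaffected'. A candidate below every `version`
    (for F5, an End of Technical Support branch that was never evaluated)
    falls through to defaultStatus, which is 'unknown' in these records.
    """
    cand = parse_version(candidate)
    best = None
    for rng in entry.get("versions", []):
        if rng.get("versionType") != "semver":
            raise ValueError(f"unsupported versionType: {rng.get('versionType')!r}")
        start = parse_version(rng["version"])
        if version_lt(cand, start):
            continue  # this branch starts after the candidate
        if best is None or version_lt(parse_version(best["version"]), start):
            best = rng
    if best is None:
        return entry.get("defaultStatus", "unknown")
    upper = best.get("lessThan", "*")
    if upper == "*" or version_lt(cand, parse_version(upper)):
        return best["status"]
    return "unaffected"


def status_for(affected: list[dict], product: str, installed: str) -> str:
    """Find `product` in a record's affected array and evaluate `installed`."""
    for entry in affected:
        if entry.get("product") == product:
            return evaluate(entry, installed)
    raise KeyError(f"product {product!r} is not listed in this record")


if __name__ == "__main__":
    # Constructed inventory: hostname -> (record, product, running version).
    inventory = {
        "ltm-edge-01": (CVE_2023_22326_AFFECTED, "BIG-IP", "16.1.3.2"),
        "ltm-edge-02": (CVE_2023_22326_AFFECTED, "BIG-IP", "14.1.5.3"),
        "ltm-legacy": (CVE_2023_22326_AFFECTED, "BIG-IP", "12.1.6"),
        "bigiq-cm": (CVE_2023_22326_AFFECTED, "BIG-IQ Centralized Management", "8.3.0"),
        "win-laptop": (CVE_2023_22358_AFFECTED, "APM Clients", "7.2.3.1"),
    }
    for host, (record, product, version) in inventory.items():
        print(f"{host:12} {product:32} {version:9} {status_for(record, product, version)}")
```

Two results are worth checking against the record text rather than trusting the script: a build exactly at `lessThan` (16.1.3.3, 14.1.5.3, 7.2.3.1) comes back `unaffected`, which matches the "before 16.1.3.3" wording, and 12.1.x comes back `unknown` rather than `unaffected`, because the record never evaluated it. Records from other CNAs that use overlapping plain intervals instead of per-branch elements need the interval reading `version <= candidate < lessThan` applied to every element, not this branch selection.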