CVE-2022-41624

Published Oct 19, 2022
Last updated 2 years ago
CVSS high 7.5
Overview

Description: In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.2, 15.1.x before 15.1.7, 14.1.x before 14.1.5.2, and 13.1.x before 13.1.5.1, when a sideband iRule is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization.
Source: f5sirt@f5.com
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH
Weaknesses

f5sirt@f5.com: CWE-401
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A662A6A-26E2-4067-8EED-5FC4FDBCB3A7",
            "versionEndExcluding": "13.1.5.1",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7802C8A-F3C9-449E-8B26-3B801AA72F11",
            "versionEndExcluding": "14.1.5.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E336C29-785D-4363-BB00-3ECD1FFEB579",
            "versionEndExcluding": "15.1.7",
            "versionStartIncluding": "15.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5587B34-CEFD-48CE-812D-199BC919DAEB",
            "versionEndExcluding": "16.1.3.2",
            "versionStartIncluding": "16.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7BDA84CE-48B2-40FF-AFDB-260FBF80EDBD",
            "versionEndExcluding": "17.0.0.1",
            "versionStartIncluding": "17.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FEA0429-E662-4EC9-831E-69FFE31D790F",
            "versionEndExcluding": "13.1.5.1",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CEFC7381-8575-4388-86A1-4E44D64524BB",
            "versionEndExcluding": "14.1.5.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1226D02E-50F2-4B75-B524-A11D045E4EB4",
            "versionEndExcluding": "15.1.7",
            "versionStartIncluding": "15.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91EAA978-4C54-4F1F-A144-EB12C5084BE8",
            "versionEndExcluding": "16.1.3.2",
            "versionStartIncluding": "16.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75E67CD8-E084-4C36-BFA4-311F897CD965",
            "versionEndExcluding": "17.0.0.1",
            "versionStartIncluding": "17.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7AAA631-990E-465E-BFAD-8A1D489B90FC",
            "versionEndExcluding": "13.1.5.1",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28D81E37-0BF6-4EB4-B3FC-3AF37C2F8E43",
            "versionEndExcluding": "14.1.5.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F88BE16-F358-4DCD-AB1A-9F374EF03244",
            "versionEndExcluding": "15.1.7",
            "versionStartIncluding": "15.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "034C29D1-A558-469B-BFF8-850E12299A3F",
            "versionEndExcluding": "16.1.3.2",
            "versionStartIncluding": "16.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "489636E2-99C0-4AC5-BB8E-DF102BC10088",
            "versionEndExcluding": "17.0.0.1",
            "versionStartIncluding": "17.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3F8B83B-92A3-494B-8476-7F7652D5CABB",
            "versionEndExcluding": "13.1.5.1",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03AE48BC-9DF5-4518-945A-D21440EA8E24",
            "versionEndExcluding": "14.1.5.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E41ADFF-6B66-4251-A642-DDC13E33A643",
            "versionEndExcluding": "15.1.7",
            "versionStartIncluding": "15.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6887F42D-11FA-449C-ACB4-7CA40DD1FD84",
            "versionEndExcluding": "16.1.3.2",
            "versionStartIncluding": "16.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D519C4F-22BC-4035-A495-7305CFF8CAD0",
            "versionEndExcluding": "17.0.0.1",
            "versionStartIncluding": "17.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87CE70BA-48FA-4DFD-A2C2-2A91578E38CC",
            "versionEndExcluding": "13.1.5.1",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "682A9D1A-E0D9-4F77-BDED-D437971FD8CE",
            "versionEndExcluding": "14.1.5.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAE8E3A1-0E66-4A4C-BA58-E22AEA8705F7",
            "versionEndExcluding": "15.1.7",
            "versionStartIncluding": "15.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C0559F1-610D-437C-B83F-47DE51F426D4",
            "versionEndExcluding": "16.1.3.2",
            "versionStartIncluding": "16.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C492BCC-5958-4FBB-B29B-113D6CE41992",
            "versionEndIncluding": "17.0.0.1",
            "versionStartIncluding": "17.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F99148BC-ABF0-436F-AA6E-8ACEE8F8FB0C",
            "versionEndExcluding": "13.1.5.1",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0069A904-5997-4824-A478-EF8E79F9BA54",
            "versionEndExcluding": "14.1.5.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "313014B4-8033-4B57-B838-66EE163E86D4",
            "versionEndExcluding": "15.1.7",
            "versionStartIncluding": "15.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B043BC6-3B74-4865-B4EC-0DC1F913904C",
            "versionEndExcluding": "16.1.3.2",
            "versionStartIncluding": "16.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80FD1CE8-448F-493A-A1FD-C71F73BC1DBC",
            "versionEndExcluding": "17.0.0.1",
            "versionStartIncluding": "17.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D60DEA53-8DC7-4DF7-B2DD-56C6FF5935D3",
            "versionEndExcluding": "13.1.5.1",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BB3A984-9740-45B7-9E97-0570651CACBB",
            "versionEndExcluding": "14.1.5.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63CACC49-9262-413B-9541-F062FB114957",
            "versionEndExcluding": "15.1.7",
            "versionStartIncluding": "15.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "203C4A5A-A8AD-405C-9204-544646BB6B02",
            "versionEndExcluding": "16.1.3.2",
            "versionStartIncluding": "16.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "216A506B-3D78-40E1-8806-CAF5723B0BE0",
            "versionEndExcluding": "17.0.0.1",
            "versionStartIncluding": "17.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9801C81E-DFDE-4E96-ACC4-BE7725DD8258",
            "versionEndExcluding": "13.1.5.1",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F30388B3-810F-4224-99AB-0D8E3970DE4A",
            "versionEndExcluding": "14.1.5.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "574B1926-DCF5-4E9E-8368-0EBE6CAE582E",
            "versionEndExcluding": "15.1.7",
            "versionStartIncluding": "15.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6937CFF7-1052-44F7-BBC4-AF60227BC8C8",
            "versionEndExcluding": "16.1.3.2",
            "versionStartIncluding": "16.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21F828BD-4269-41F4-B819-338B2D966F41",
            "versionEndExcluding": "17.0.0.1",
            "versionStartIncluding": "17.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B095E96E-65C7-4730-8D48-4CF7EDBA2D92",
            "versionEndExcluding": "13.1.5.1",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CF80600-9815-40F4-A256-F29B7AE03386",
            "versionEndExcluding": "14.1.5.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45E9C4FB-F76E-4A1C-AD55-7BB7A4BD303A",
            "versionEndExcluding": "15.1.7",
            "versionStartIncluding": "15.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "054CCF6B-8AC8-4125-B855-BF8B46D990EF",
            "versionEndExcluding": "16.1.3.2",
            "versionStartIncluding": "16.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "110DEA26-B703-47E7-9882-249516C91611",
            "versionEndExcluding": "17.0.0.1",
            "versionStartIncluding": "17.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "978CE04B-13BD-479C-949D-4DEEB9C9C9CF",
            "versionEndExcluding": "13.1.5.1",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5179A3C-F6B8-4DC0-B493-2EF438A617D6",
            "versionEndExcluding": "14.1.5.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E25D2597-32D7-4676-9A0C-FCAD8D8900A9",
            "versionEndExcluding": "15.1.7",
            "versionStartIncluding": "15.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D16A5A1D-136C-4863-AF39-0AEDA2BB8D17",
            "versionEndExcluding": "16.1.3.2",
            "versionStartIncluding": "16.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8DF1F656-90A5-409E-AB17-A4A6D45D0593",
            "versionEndExcluding": "17.0.0.1",
            "versionStartIncluding": "17.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF720829-612B-48CE-8CAA-EAB04667A77F",
            "versionEndExcluding": "13.1.5.1",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F4E9754-A4DA-41CE-9BB4-A7DDEE844703",
            "versionEndExcluding": "14.1.5.2",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C108E49-CF06-493E-8BEE-2FA0F5999AB9",
            "versionEndExcluding": "15.1.7",
            "versionStartIncluding": "15.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B44EE650-7552-4D4D-BC34-FF8ECC3BF257",
            "versionEndExcluding": "16.1.3.2",
            "versionStartIncluding": "16.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "781BA15A-EC1A-4DC3-AE57-0B5B9C22D812",
            "versionEndExcluding": "17.0.0.1",
            "versionStartIncluding": "17.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References
