China National Vulnerability DatabaseCNVD-2022-55172F5 BIG-IP and BIG-IQ AWS Input Validation Error Vulnerability
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. An input authentication error vulnerability exists in F5 BIG-IP and BIG-IQ AWS, which can be exploited by unauthenticated remote attackers to cause a denial of service on BIG-IP and BIG-IQ systems.
| CPE | Name | Operator | Version |
|---|---|---|---|
| F5 Networks BIG-IQ >=16.1.0, | le | 16.1.3 | |
| F5 BIG-IP (all modules) >=8.0.0, | le | 8.2.0 | |
| F5 Networks BIG-IQ >=15.1.0, | le | 15.1.6 |
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H