CVE-2022-41691

🗓️ 19 Oct 2022 21:19:45Reported by f5Type

cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 66 Views

When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2022-41691	20 Oct 202202:20	–	circl
CNNVD	F5 BIG-IP Advanced WAF/ASM 安全漏洞	19 Oct 202200:00	–	cnnvd
Cvelist	CVE-2022-41691 BIG-IP Advanced WAF/ASM bd vulnerability CVE-2022-41691	19 Oct 202221:19	–	cvelist
EUVD	EUVD-2022-44876	3 Oct 202520:07	–	euvd
F5 Networks	K02694732: BIG-IP Advanced WAF and ASM bd vulnerability CVE-2022-41691	21 Feb 202319:58	–	f5
F5 Networks	K30425568: Overview of F5 vulnerabilities (October 2022)	21 Feb 202320:02	–	f5
Tenable Nessus	F5 Networks BIG-IP : BIG-IP Advanced WAF and ASM bd vulnerability (K02694732)	19 Oct 202200:00	–	nessus
NCSC	Vulnerabilities fixed in several F5 products	20 Oct 202200:00	–	ncsc
NVD	CVE-2022-41691	19 Oct 202222:15	–	nvd
Prion	Code injection	19 Oct 202222:15	–	prion

NVD

Node

f5 big-ip_advanced_web_application_firewallRange14.1.0–14.1.5.2

f5 big-ip_application_security_managerRange14.1.0–14.1.5.2

[
  {
    "vendor": "F5",
    "product": "BIG-IP Advanced WAF & ASM",
    "versions": [
      {
        "version": "17.0.0",
        "status": "unaffected",
        "lessThan": "17.0.x*",
        "versionType": "custom"
      },
      {
        "version": "16.1.x",
        "status": "unaffected",
        "lessThanOrEqual": "16.1.0",
        "versionType": "custom"
      },
      {
        "version": "15.1.0",
        "status": "unaffected",
        "lessThan": "15.1.x*",
        "versionType": "custom"
      },
      {
        "version": "14.1.x",
        "status": "affected",
        "lessThan": "14.1.5.2",
        "versionType": "custom"
      },
      {
        "version": "13.1.0",
        "status": "unaffected",
        "lessThan": "13.1.x*",
        "versionType": "custom"
      }
    ]
  }
]