Lucene search
F5CVELIST:CVE-2022-23015HistoryJan 25, 2022 - 7:11 p.m.
CVE-2022-23015
2022-01-2519:11:22
CWE-400
f5
www.cve.org
5
big-ip
ssl
memory utilization
EPSS
0.001
Percentile
39.4%
On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, and 14.1.2.6-14.1.4.4, when a Client SSL profile is configured on a virtual server with Client Certificate Authentication set to request/require and Session Ticket enabled and configured, processing SSL traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CNA Affected
[
{
"product": "BIG-IP",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "16.x before 16.1.0, 15.1.x before 15.1.4.1, and 14.1.2.6-14.1.4.4"
}
]
}
]References
Related
nvd
nvd
CVE-2022-23015
2022-01-25 20:15:09
prion
prion
Cross site request forgery (csrf)
2022-01-25 20:15:00
f5
f5
K08476614 : BIG-IP Client SSL profile vulnerability CVE-2022-23015
2022-01-19 00:00:00
K40084114 : Overview of F5 vulnerabilities (January 2022)
2022-01-19 00:00:00
cve
cve
CVE-2022-23015
2022-01-25 20:15:09
nessus
nessus
F5 Networks BIG-IP : BIG-IP Client SSL profile vulnerability (K08476614)
2022-01-19 00:00:00
cnvd
cnvd
F5 BIG-IP Resource Management Error Vulnerability (CNVD-2022-72757)
2022-01-21 00:00:00