BIG-IP big3d vulnerability CVE-2022-29480

2022-05-04T12:33:00

Description

When multiple route domains are configured, undisclosed requests to big3d can cause an increase in CPU resource utilization. ([CVE-2022-29480](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29480>)) Impact This vulnerability allows a remote, unauthenticated attacker to cause a degradation of service that can lead to a denial-of-service (DoS) on the BIG-IP system.

Affected Software

CPE Name	Name	Version
	big-ip (all modules)	13.1.4

{"id": "F5:K71103363", "vendorId": null, "type": "f5", "bulletinFamily": "software", "title": "BIG-IP big3d vulnerability CVE-2022-29480", "description": "When multiple route domains are configured, undisclosed requests to big3d can cause an increase in CPU resource utilization. ([CVE-2022-29480](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29480>))\n\nImpact\n\nThis vulnerability allows a remote, unauthenticated attacker to cause a degradation of service that can lead to a denial-of-service (DoS) on the BIG-IP system.\n", "published": "2022-05-04T12:33:00", "modified": "2022-05-04T12:33:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0}, "severity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, "href": "https://support.f5.com/csp/article/K71103363", "reporter": "f5", "references": [], "cvelist": ["CVE-2022-29480"], "immutableFields": [], "lastseen": "2022-05-13T01:37:16", "viewCount": 21, "enchantments": {"score": {"value": 4.0, "vector": "NONE"}, "dependencies": {"references": [{"type": "cnvd", "idList": ["CNVD-2022-74967"]}, {"type": "cve", "idList": ["CVE-2022-29480"]}, {"type": "f5", "idList": ["F5:K55879220"]}, {"type": "nessus", "idList": ["F5_BIGIP_SOL71103363.NASL"]}]}, "affected_software": {"major_version": [{"name": "big-ip (all modules)", "version": 13}]}, "epss": [{"cve": "CVE-2022-29480", "epss": "0.000460000", "percentile": "0.139060000", "modified": "2023-03-19"}], "vulnersScore": 4.0}, "_state": {"score": 1669649828, "dependencies": 1669649253, "affected_software_major_version": 1669649783, "epss": 1679290575}, "_internal": {"score_hash": "7e43181bd4827553a50f30966357ff6c"}, "affectedSoftware": [{"name": "big-ip (all modules)", "version": "13.1.4", "operator": "le"}]}

{"nessus": [{"lastseen": "2023-01-10T19:19:54", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.0.0. It is, therefore, affected by a vulnerability as referenced in the K71103363 advisory.\n\n - On F5 BIG-IP 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when multiple route domains are configured, undisclosed requests to big3d can cause an increase in CPU resource utilization.\n Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated (CVE-2022-29480)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-05-05T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIG-IP big3d vulnerability (K71103363)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29480"], "modified": "2022-05-16T00:00:00", "cpe": ["cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*", "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", "cpe:2.3:h:f5:big-ip:*:*:*:*:*:*:*:*"], "id": "F5_BIGIP_SOL71103363.NASL", "href": "https://www.tenable.com/plugins/nessus/160574", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K71103363.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160574);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/16\");\n\n script_cve_id(\"CVE-2022-29480\");\n script_xref(name:\"IAVA\", value:\"2022-A-0189\");\n\n script_name(english:\"F5 Networks BIG-IP : BIG-IP big3d vulnerability (K71103363)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.0.0. It is, therefore, affected\nby a vulnerability as referenced in the K71103363 advisory.\n\n - On F5 BIG-IP 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when multiple route\n domains are configured, undisclosed requests to big3d can cause an increase in CPU resource utilization.\n Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated\n (CVE-2022-29480)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K71103363\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K71103363.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29480\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/05\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K71103363';\nvar vmatrix = {\n 'AFM': {\n 'affected': [\n '13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '14.0.0','13.1.5'\n ],\n },\n 'APM': {\n 'affected': [\n '13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '14.0.0','13.1.5'\n ],\n },\n 'ASM': {\n 'affected': [\n '13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '14.0.0','13.1.5'\n ],\n },\n 'GTM': {\n 'affected': [\n '13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '14.0.0','13.1.5'\n ],\n },\n 'LTM': {\n 'affected': [\n '13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '14.0.0','13.1.5'\n ],\n },\n 'PEM': {\n 'affected': [\n '13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '14.0.0','13.1.5'\n ],\n },\n 'PSM': {\n 'affected': [\n '13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '14.0.0','13.1.5'\n ],\n },\n 'WOM': {\n 'affected': [\n '13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '14.0.0','13.1.5'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running any of the affected modules');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2023-02-09T14:23:00", "description": "On F5 BIG-IP 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when multiple route domains are configured, undisclosed requests to big3d can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-05-05T17:15:00", "type": "cve", "title": "CVE-2022-29480", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29480"], "modified": "2022-05-12T20:49:00", "cpe": ["cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.2", "cpe:/a:f5:big-ip_access_policy_manager:13.1.4", "cpe:/a:f5:big-ip_local_traffic_manager:15.1.1", "cpe:/a:f5:big-ip_policy_enforcement_manager:13.1.3", "cpe:/a:f5:big-ip_global_traffic_manager:14.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:15.1.0", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.1", "cpe:/a:f5:big-ip_policy_enforcement_manager:13.1.4", "cpe:/a:f5:big-ip_application_security_manager:12.1.0", "cpe:/a:f5:big-ip_policy_enforcement_manager:14.1.2", "cpe:/a:f5:big-ip_policy_enforcement_manager:15.1.3", "cpe:/a:f5:big-ip_fraud_protection_service:15.1.2", "cpe:/a:f5:big-ip_domain_name_system:12.1.2", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:14.1.0", "cpe:/a:f5:big-ip_access_policy_manager:11.6.2", "cpe:/a:f5:big-ip_local_traffic_manager:15.1.2", "cpe:/a:f5:big-ip_access_policy_manager:16.1.2", "cpe:/a:f5:big-ip_access_policy_manager:12.1.2", "cpe:/a:f5:big-ip_application_acceleration_manager:13.1.0", "cpe:/a:f5:big-ip_global_traffic_manager:11.6.5", "cpe:/a:f5:big-ip_global_traffic_manager:15.1.2", "cpe:/a:f5:big-ip_fraud_protection_service:11.6.1", "cpe:/a:f5:big-ip_domain_name_system:11.6.1", "cpe:/a:f5:big-ip_fraud_protection_service:13.1.4", "cpe:/a:f5:big-ip_application_security_manager:13.1.1", "cpe:/a:f5:big-ip_link_controller:16.1.0", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.0", "cpe:/a:f5:big-ip_fraud_protection_service:17.0.0", "cpe:/a:f5:big-ip_analytics:15.1.3", "cpe:/a:f5:big-ip_local_traffic_manager:15.1.5", "cpe:/a:f5:big-ip_fraud_protection_service:16.1.1", "cpe:/a:f5:big-ip_link_controller:14.1.3", "cpe:/a:f5:big-ip_application_security_manager:16.1.0", "cpe:/a:f5:big-ip_domain_name_system:12.1.6", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.3", "cpe:/a:f5:big-ip_analytics:14.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:15.1.0", "cpe:/a:f5:big-ip_link_controller:13.1.4", "cpe:/a:f5:big-ip_access_policy_manager:14.1.0", "cpe:/a:f5:big-ip_fraud_protection_service:12.1.4", "cpe:/a:f5:big-ip_advanced_firewall_manager:15.1.1", "cpe:/a:f5:big-ip_link_controller:13.1.3", "cpe:/a:f5:big-ip_access_policy_manager:14.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:15.1.4", "cpe:/a:f5:big-ip_link_controller:11.6.3", "cpe:/a:f5:big-ip_access_policy_manager:11.6.1", "cpe:/a:f5:big-ip_link_controller:15.1.3", "cpe:/a:f5:big-ip_policy_enforcement_manager:11.6.4", "cpe:/a:f5:big-ip_global_traffic_manager:15.1.5", "cpe:/a:f5:big-ip_domain_name_system:15.1.1", "cpe:/a:f5:big-ip_application_acceleration_manager:14.1.2", "cpe:/a:f5:big-ip_application_security_manager:14.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:11.6.3", "cpe:/a:f5:big-ip_fraud_protection_service:13.1.5", "cpe:/a:f5:big-ip_application_security_manager:14.1.2", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.0", "cpe:/a:f5:big-ip_access_policy_manager:15.1.0", "cpe:/a:f5:big-ip_access_policy_manager:11.6.4", "cpe:/a:f5:big-ip_fraud_protection_service:13.1.1", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:11.6.1", "cpe:/a:f5:big-ip_domain_name_system:15.1.2", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.1", "cpe:/a:f5:big-ip_application_security_manager:11.6.1", "cpe:/a:f5:big-ip_link_controller:15.1.0", "cpe:/a:f5:big-ip_link_controller:17.0.0", "cpe:/a:f5:big-ip_fraud_protection_service:12.1.0", "cpe:/a:f5:big-ip_local_traffic_manager:13.1.3", "cpe:/a:f5:big-ip_advanced_firewall_manager:13.1.3", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.0", "cpe:/a:f5:big-ip_domain_name_system:17.0.0", "cpe:/a:f5:big-ip_domain_name_system:16.1.0", "cpe:/a:f5:big-ip_policy_enforcement_manager:11.6.2", "cpe:/a:f5:big-ip_access_policy_manager:17.0.0", "cpe:/a:f5:big-ip_local_traffic_manager:15.1.0", "cpe:/a:f5:big-ip_fraud_protection_service:13.1.0", "cpe:/a:f5:big-ip_local_traffic_manager:11.6.1", "cpe:/a:f5:big-ip_analytics:16.1.2", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.3", "cpe:/a:f5:big-ip_global_traffic_manager:11.6.1", "cpe:/a:f5:big-ip_policy_enforcement_manager:11.6.1", "cpe:/a:f5:big-ip_analytics:11.6.2", "cpe:/a:f5:big-ip_application_security_manager:12.1.2", "cpe:/a:f5:big-ip_fraud_protection_service:14.1.2", "cpe:/a:f5:big-ip_link_controller:12.1.1", "cpe:/a:f5:big-ip_global_traffic_manager:14.1.4", "cpe:/a:f5:big-ip_local_traffic_manager:15.1.3", "cpe:/a:f5:big-ip_advanced_firewall_manager:11.6.1", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.2", "cpe:/a:f5:big-ip_advanced_firewall_manager:13.1.1", "cpe:/a:f5:big-ip_application_acceleration_manager:11.6.5", "cpe:/a:f5:big-ip_policy_enforcement_manager:16.1.0", "cpe:/a:f5:big-ip_analytics:12.1.3", "cpe:/a:f5:big-ip_analytics:15.1.0", "cpe:/a:f5:big-ip_domain_name_system:15.1.0", "cpe:/a:f5:big-ip_policy_enforcement_manager:11.6.3", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.2", "cpe:/a:f5:big-ip_global_traffic_manager:11.6.3", "cpe:/a:f5:big-ip_analytics:13.1.3", "cpe:/a:f5:big-ip_domain_name_system:15.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:13.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:14.1.4", "cpe:/a:f5:big-ip_application_security_manager:16.1.2", "cpe:/a:f5:big-ip_domain_name_system:12.1.3", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.1", "cpe:/a:f5:big-ip_local_traffic_manager:11.6.2", "cpe:/a:f5:big-ip_fraud_protection_service:15.1.1", "cpe:/a:f5:big-ip_advanced_firewall_manager:14.1.4", "cpe:/a:f5:big-ip_local_traffic_manager:13.1.1", "cpe:/a:f5:big-ip_global_traffic_manager:11.6.2", "cpe:/a:f5:big-ip_domain_name_system:12.1.5", "cpe:/a:f5:big-ip_policy_enforcement_manager:15.1.5", "cpe:/a:f5:big-ip_analytics:12.1.2", "cpe:/a:f5:big-ip_local_traffic_manager:16.1.0", "cpe:/a:f5:big-ip_access_policy_manager:11.6.5", "cpe:/a:f5:big-ip_application_security_manager:12.1.4", "cpe:/a:f5:big-ip_global_traffic_manager:13.1.0", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.2", "cpe:/a:f5:big-ip_advanced_firewall_manager:15.1.5", "cpe:/a:f5:big-ip_policy_enforcement_manager:16.1.2", "cpe:/a:f5:big-ip_advanced_firewall_manager:13.1.4", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.3", "cpe:/a:f5:big-ip_policy_enforcement_manager:13.1.0", "cpe:/a:f5:big-ip_application_acceleration_manager:16.1.1", "cpe:/a:f5:big-ip_application_acceleration_manager:15.1.1", "cpe:/a:f5:big-ip_fraud_protection_service:12.1.1", "cpe:/a:f5:big-ip_access_policy_manager:13.1.1", "cpe:/a:f5:big-ip_global_traffic_manager:13.1.1", "cpe:/a:f5:big-ip_analytics:12.1.4", "cpe:/a:f5:big-ip_domain_name_system:14.1.4", "cpe:/a:f5:big-ip_advanced_firewall_manager:11.6.2", "cpe:/a:f5:big-ip_advanced_firewall_manager:11.6.5", "cpe:/a:f5:big-ip_domain_name_system:11.6.5", "cpe:/a:f5:big-ip_fraud_protection_service:12.1.3", "cpe:/a:f5:big-ip_policy_enforcement_manager:15.1.2", "cpe:/a:f5:big-ip_domain_name_system:13.1.3", "cpe:/a:f5:big-ip_local_traffic_manager:16.1.2", "cpe:/a:f5:big-ip_application_security_manager:15.1.0", "cpe:/a:f5:big-ip_analytics:15.1.1", "cpe:/a:f5:big-ip_policy_enforcement_manager:15.1.0", "cpe:/a:f5:big-ip_analytics:11.6.5", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.4", "cpe:/a:f5:big-ip_analytics:12.1.5", "cpe:/a:f5:big-ip_access_policy_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:12.1.5", "cpe:/a:f5:big-ip_fraud_protection_service:14.1.3", "cpe:/a:f5:big-ip_access_policy_manager:13.1.0", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:12.1.6", "cpe:/a:f5:big-ip_link_controller:11.6.4", "cpe:/a:f5:big-ip_access_policy_manager:11.6.3", "cpe:/a:f5:big-ip_policy_enforcement_manager:13.1.1", "cpe:/a:f5:big-ip_link_controller:16.1.1", "cpe:/a:f5:big-ip_application_security_manager:13.1.4", "cpe:/a:f5:big-ip_access_policy_manager:14.1.2", "cpe:/a:f5:big-ip_access_policy_manager:12.1.1", "cpe:/a:f5:big-ip_domain_name_system:11.6.3", "cpe:/a:f5:big-ip_access_policy_manager:15.1.5", "cpe:/a:f5:big-ip_analytics:16.1.0", "cpe:/a:f5:big-ip_link_controller:14.1.4", "cpe:/a:f5:big-ip_access_policy_manager:16.1.0", "cpe:/a:f5:big-ip_analytics:16.1.1", "cpe:/a:f5:big-ip_global_traffic_manager:13.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:13.1.4", "cpe:/a:f5:big-ip_access_policy_manager:14.1.4", "cpe:/a:f5:big-ip_fraud_protection_service:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:15.1.3", "cpe:/a:f5:big-ip_link_controller:15.1.4", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.5", "cpe:/a:f5:big-ip_access_policy_manager:12.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:15.1.5", "cpe:/a:f5:big-ip_global_traffic_manager:16.1.0", "cpe:/a:f5:big-ip_analytics:13.1.1", "cpe:/a:f5:big-ip_advanced_firewall_manager:16.1.0", "cpe:/a:f5:big-ip_fraud_protection_service:15.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:14.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.5", "cpe:/a:f5:big-ip_application_acceleration_manager:16.1.0", "cpe:/a:f5:big-ip_analytics:15.1.4", "cpe:/a:f5:big-ip_advanced_firewall_manager:15.1.3", "cpe:/a:f5:big-ip_advanced_firewall_manager:11.6.3", "cpe:/a:f5:big-ip_domain_name_system:14.1.3", "cpe:/a:f5:big-ip_access_policy_manager:15.1.4", "cpe:/a:f5:big-ip_local_traffic_manager:15.1.4", "cpe:/a:f5:big-ip_global_traffic_manager:13.1.3", "cpe:/a:f5:big-ip_policy_enforcement_manager:14.1.0", "cpe:/a:f5:big-ip_application_security_manager:13.1.5", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.6", "cpe:/a:f5:big-ip_application_acceleration_manager:13.1.5", "cpe:/a:f5:big-ip_application_security_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:13.1.1", "cpe:/a:f5:big-ip_access_policy_manager:15.1.1", "cpe:/a:f5:big-ip_link_controller:12.1.4", "cpe:/a:f5:big-ip_local_traffic_manager:14.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:15.1.3", "cpe:/a:f5:big-ip_link_controller:15.1.5", "cpe:/a:f5:big-ip_application_security_manager:12.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:14.1.0", "cpe:/a:f5:big-ip_application_acceleration_manager:13.1.1", "cpe:/a:f5:big-ip_analytics:12.1.6", "cpe:/a:f5:big-ip_link_controller:12.1.0", "cpe:/a:f5:big-ip_local_traffic_manager:13.1.4", "cpe:/a:f5:big-ip_global_traffic_manager:14.1.0", "cpe:/a:f5:big-ip_access_policy_manager:12.1.5", "cpe:/a:f5:big-ip_domain_name_system:13.1.5", "cpe:/a:f5:big-ip_fraud_protection_service:14.1.0", "cpe:/a:f5:big-ip_application_security_manager:12.1.5", "cpe:/a:f5:big-ip_application_security_manager:11.6.2", "cpe:/a:f5:big-ip_domain_name_system:13.1.1", "cpe:/a:f5:big-ip_analytics:14.1.4", "cpe:/a:f5:big-ip_access_policy_manager:12.1.0", "cpe:/a:f5:big-ip_policy_enforcement_manager:16.1.1", "cpe:/a:f5:big-ip_application_acceleration_manager:11.6.2", "cpe:/a:f5:big-ip_advanced_firewall_manager:11.6.4", "cpe:/a:f5:big-ip_application_security_manager:15.1.4", "cpe:/a:f5:big-ip_fraud_protection_service:14.1.4", "cpe:/a:f5:big-ip_global_traffic_manager:11.6.4", "cpe:/a:f5:big-ip_advanced_firewall_manager:14.1.2", "cpe:/a:f5:big-ip_policy_enforcement_manager:15.1.1", "cpe:/a:f5:big-ip_fraud_protection_service:15.1.3", "cpe:/a:f5:big-ip_domain_name_system:16.1.2", "cpe:/a:f5:big-ip_access_policy_manager:15.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:14.1.3", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.5", "cpe:/a:f5:big-ip_advanced_firewall_manager:13.1.0", "cpe:/a:f5:big-ip_local_traffic_manager:13.1.5", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:14.1.3", "cpe:/a:f5:big-ip_access_policy_manager:15.1.2", "cpe:/a:f5:big-ip_fraud_protection_service:11.6.3", "cpe:/a:f5:big-ip_analytics:11.6.4", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.0", "cpe:/a:f5:big-ip_domain_name_system:12.1.4", "cpe:/a:f5:big-ip_local_traffic_manager:17.0.0", "cpe:/a:f5:big-ip_local_traffic_manager:11.6.5", "cpe:/a:f5:big-ip_global_traffic_manager:16.1.1", "cpe:/a:f5:big-ip_analytics:13.1.0", "cpe:/a:f5:big-ip_domain_name_system:11.6.4", "cpe:/a:f5:big-ip_global_traffic_manager:15.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:11.6.4", "cpe:/a:f5:big-ip_analytics:15.1.2", "cpe:/a:f5:big-ip_analytics:12.1.0", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_analytics:14.1.0", "cpe:/a:f5:big-ip_link_controller:11.6.1", "cpe:/a:f5:big-ip_local_traffic_manager:14.1.4", "cpe:/a:f5:big-ip_link_controller:12.1.3", "cpe:/a:f5:big-ip_link_controller:15.1.1", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.5", "cpe:/a:f5:big-ip_application_security_manager:12.1.1", "cpe:/a:f5:big-ip_domain_name_system:13.1.0", "cpe:/a:f5:big-ip_analytics:13.1.5", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.4", "cpe:/a:f5:big-ip_local_traffic_manager:14.1.0", "cpe:/a:f5:big-ip_analytics:12.1.1", "cpe:/a:f5:big-ip_global_traffic_manager:13.1.5", "cpe:/a:f5:big-ip_domain_name_system:16.1.1", "cpe:/a:f5:big-ip_access_policy_manager:12.1.3", "cpe:/a:f5:big-ip_access_policy_manager:13.1.5", "cpe:/a:f5:big-ip_link_controller:11.6.2", "cpe:/a:f5:big-ip_global_traffic_manager:17.0.0", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.0", "cpe:/a:f5:big-ip_application_acceleration_manager:17.0.0", "cpe:/a:f5:big-ip_local_traffic_manager:14.1.2", "cpe:/a:f5:big-ip_application_security_manager:16.1.1", "cpe:/a:f5:big-ip_analytics:14.1.2", "cpe:/a:f5:big-ip_advanced_firewall_manager:17.0.0", "cpe:/a:f5:big-ip_application_security_manager:11.6.3", "cpe:/a:f5:big-ip_application_security_manager:15.1.5", "cpe:/a:f5:big-ip_advanced_firewall_manager:15.1.4", "cpe:/a:f5:big-ip_application_security_manager:15.1.2", "cpe:/a:f5:big-ip_application_security_manager:17.0.0", "cpe:/a:f5:big-ip_domain_name_system:12.1.0", "cpe:/a:f5:big-ip_fraud_protection_service:11.6.4", "cpe:/a:f5:big-ip_advanced_firewall_manager:16.1.1", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.5", "cpe:/a:f5:big-ip_domain_name_system:14.1.2", "cpe:/a:f5:big-ip_global_traffic_manager:14.1.2", "cpe:/a:f5:big-ip_local_traffic_manager:16.1.1", "cpe:/a:f5:big-ip_link_controller:15.1.2", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.2", "cpe:/a:f5:big-ip_application_security_manager:14.1.0", "cpe:/a:f5:big-ip_domain_name_system:14.1.0", "cpe:/a:f5:big-ip_application_security_manager:13.1.3", "cpe:/a:f5:big-ip_analytics:15.1.5", "cpe:/a:f5:big-ip_fraud_protection_service:11.6.5", "cpe:/a:f5:big-ip_link_controller:14.1.2", "cpe:/a:f5:big-ip_link_controller:12.1.2", "cpe:/a:f5:big-ip_advanced_firewall_manager:15.1.2", "cpe:/a:f5:big-ip_application_acceleration_manager:16.1.2", "cpe:/a:f5:big-ip_local_traffic_manager:13.1.0", "cpe:/a:f5:big-ip_fraud_protection_service:15.1.0", "cpe:/a:f5:big-ip_access_policy_manager:16.1.1", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.4", "cpe:/a:f5:big-ip_domain_name_system:15.1.4", "cpe:/a:f5:big-ip_fraud_protection_service:13.1.3", "cpe:/a:f5:big-ip_analytics:11.6.1", "cpe:/a:f5:big-ip_policy_enforcement_manager:13.1.5", "cpe:/a:f5:big-ip_fraud_protection_service:16.1.2", "cpe:/a:f5:big-ip_global_traffic_manager:16.1.2", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.1", "cpe:/a:f5:big-ip_link_controller:16.1.2", "cpe:/a:f5:big-ip_domain_name_system:12.1.1", "cpe:/a:f5:big-ip_fraud_protection_service:15.1.5", "cpe:/a:f5:big-ip_access_policy_manager:13.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.3", "cpe:/a:f5:big-ip_link_controller:13.1.5", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.1", "cpe:/a:f5:big-ip_advanced_firewall_manager:14.1.3", "cpe:/a:f5:big-ip_application_security_manager:13.1.0", "cpe:/a:f5:big-ip_link_controller:11.6.5", "cpe:/a:f5:big-ip_analytics:11.6.3", "cpe:/a:f5:big-ip_application_acceleration_manager:15.1.2", "cpe:/a:f5:big-ip_fraud_protection_service:11.6.2", "cpe:/a:f5:big-ip_application_security_manager:11.6.5", "cpe:/a:f5:big-ip_policy_enforcement_manager:15.1.4", "cpe:/a:f5:big-ip_local_traffic_manager:11.6.4", "cpe:/a:f5:big-ip_global_traffic_manager:15.1.3", "cpe:/a:f5:big-ip_global_traffic_manager:15.1.1", "cpe:/a:f5:big-ip_fraud_protection_service:12.1.5", "cpe:/a:f5:big-ip_domain_name_system:15.1.5", "cpe:/a:f5:big-ip_fraud_protection_service:12.1.2", "cpe:/a:f5:big-ip_application_security_manager:15.1.1", "cpe:/a:f5:big-ip_local_traffic_manager:11.6.3", "cpe:/a:f5:big-ip_analytics:13.1.4", "cpe:/a:f5:big-ip_advanced_firewall_manager:13.1.5", "cpe:/a:f5:big-ip_application_security_manager:14.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:11.6.5", "cpe:/a:f5:big-ip_global_traffic_manager:15.1.0", "cpe:/a:f5:big-ip_fraud_protection_service:16.1.0", "cpe:/a:f5:big-ip_advanced_firewall_manager:14.1.0", "cpe:/a:f5:big-ip_domain_name_system:11.6.2", "cpe:/a:f5:big-ip_analytics:17.0.0", "cpe:/a:f5:big-ip_advanced_firewall_manager:16.1.2", "cpe:/a:f5:big-ip_link_controller:13.1.0", "cpe:/a:f5:big-ip_application_security_manager:11.6.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:17.0.0", "cpe:/a:f5:big-ip_domain_name_system:13.1.4"], "id": "CVE-2022-29480", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29480", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_analytics:15.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:17.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:16.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:16.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:16.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:11.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:16.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:17.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:13.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:16.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:17.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:13.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:15.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:15.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:17.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:14.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:15.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:17.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:17.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:17.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:13.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:15.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:16.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:15.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:16.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:14.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:11.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:11.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:13.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:16.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:16.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:13.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:15.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:14.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:13.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:16.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:16.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:16.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:13.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:16.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:17.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:13.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:14.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:11.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:16.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:13.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:16.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:16.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:15.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.4:*:*:*:*:*:*:*"]}], "cnvd": [{"lastseen": "2022-11-08T11:23:23", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. F5 BIG-IP is vulnerable to resource management errors, which can be exploited by attackers to cause service degradation, resulting in a denial of service on the BIG-IP system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-05-07T00:00:00", "type": "cnvd", "title": "F5 BIG-IP Resource Management Error Vulnerability (CNVD-2022-74967)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29480"], "modified": "2022-11-08T00:00:00", "id": "CNVD-2022-74967", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2022-74967", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "f5": [{"lastseen": "2022-05-06T23:47:00", "description": "On May 4, 2022, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associated security advisory.\n\nDistributed Cloud and Managed Services\n\nService | Status \n---|--- \nF5 Distributed Cloud Services | Does not affect or has been resolved \nSilverline | Does not affect or has been resolved \nThreat Stack | Does not affect or has been resolved \n \n * [Critical CVEs](<https://support.f5.com/csp/article/K55879220#critical>)\n * [High CVEs](<https://support.f5.com/csp/article/K55879220#high>)\n * [Medium CVEs](<https://support.f5.com/csp/article/K55879220#medium>)\n * [Low CVEs](<https://support.f5.com/csp/article/K55879220#low>)\n * [Security Exposures](<https://support.f5.com/csp/article/K55879220#exposure>)\n\nCritical CVEs\n\nSecurity Advisory (CVE) | CVSS score | Affected products | Affected versions1 | Fixes introduced in \n---|---|---|---|--- \n[K23605346: BIG-IP iControl REST vulnerability CVE-2022-1388](<https://support.f5.com/csp/article/K23605346>) | 9.8 | BIG-IP (all modules) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \n \n1F5 evaluates only software versions that have not yet reached the End of Technical Support (EoTS) phase of their lifecycle.\n\nHigh CVEs\n\nSecurity Advisory (CVE) | CVSS score | Affected products | Affected versions1 | Fixes introduced in \n---|---|---|---|--- \n[K52322100: Authenticated F5 BIG-IP Guided Configuration integrity check in Appliance mode vulnerability CVE-2022-25946](<https://support.f5.com/csp/article/K52322100>) | 8.7 - Appliance mode only | BIG-IP Guided Configuration | 3.0 - 8.0 | 9.0 \nBIG-IP (ASM, Advanced WAF, APM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0.8 - 13.1.5 | 17.0.0 \n[K68647001: Authenticated F5 BIG-IP Guided Configuration in Appliance mode vulnerability CVE-2022-27806](<https://support.f5.com/csp/article/K68647001>) | 8.7 - Appliance mode only | BIG-IP Guided Configuration | 3.0 - 8.0 | 9.0 \nBIG-IP (Advanced WAF, APM, ASM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0.8 - 13.1.5 | 17.0.0 \n[K70300233: BIG-IP TMUI XSS vulnerability CVE-2022-28707](<https://support.f5.com/csp/article/K70300233>) | 8.0 | BIG-IP (all modules) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n[K33552735: BIG-IP Edge Client for Windows vulnerability CVE-2022-29263](<https://support.f5.com/csp/article/K33552735>) | 7.8 | BIG-IP (APM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \nBIG-IP APM Clients | 7.1.8 - 7.2.1 | 7.2.2 \n7.2.1.5 \n[K81952114: Authenticated iControl REST in Appliance mode vulnerability CVE-2022-26415](<https://support.f5.com/csp/article/K81952114>) | 7.7 - Appliance mode only | BIG-IP (all modules) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \n[K23454411: DNS profile vulnerability CVE-2022-26372](<https://support.f5.com/csp/article/K23454411>) | 7.5 | BIG-IP (all modules) | 15.1.0 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.0.0 \n15.1.0.2 \n14.1.4.6 \n13.1.5 \n[K25451853: TMUI XSS vulnerability CVE-2022-28716](<https://support.f5.com/csp/article/K25451853>) | 7.5 | BIG-IP (AFM, CGNAT, PEM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \n[K16187341: BIG-IP ICAP profile vulnerability CVE-2022-27189](<https://support.f5.com/csp/article/K16187341>) | 7.5 | BIG-IP (all modules) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \n[K21317311: F5 BIG-IP Guided Configuration XSS vulnerability CVE-2022-27230](<https://support.f5.com/csp/article/K21317311>) | 7.5 | BIG-IP Guided Configuration | 3.0 - 8.0 | 9.0 \nBIG-IP (APM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0.8 - 13.1.5 | 17.0.0 \n[K37155600: BIG-IP RTSP profile vulnerability CVE-2022-28691](<https://support.f5.com/csp/article/K37155600>) | 7.5 | BIG-IP (all modules) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.4 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 | 17.0.0 \n16.1.2.2 \n15.1.5 \n14.1.4.6 \n13.1.5 \n[K14229426: BIG-IP SSL vulnerability CVE-2022-29491](<https://support.f5.com/csp/article/K14229426>) | 7.5 | BIG-IP (LTM, Advanced WAF, ASM, APM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.4 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.5 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.2.2 \n15.1.5 \n14.1.4.6 \n[K52340447: F5 ePVA vulnerability CVE-2022-28705](<https://support.f5.com/csp/article/K52340447>) | 7.5 | BIG-IP (all modules) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \n[K03442392: BIG-IP ASM and F5 Advanced WAF vulnerability CVE-2022-26890](<https://support.f5.com/csp/article/K03442392>) | 7.5 | BIG-IP (ASM, Advanced WAF, APM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.4 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 | 17.0.0 \n16.1.2.1 \n15.1.5 \n14.1.4.6 \n13.1.5 \n[K99123750: BIG-IP Stream profile vulnerability CVE-2022-28701](<https://support.f5.com/csp/article/K99123750>) | 7.5 | BIG-IP (all modules) | 16.1.0 - 16.1.2 | 17.0.0 \n16.1.2.2 \n[K41440465: BIG-IP TMM vulnerability CVE-2022-26071](<https://support.f5.com/csp/article/K41440465>) | 7.4 | BIG-IP (all modules) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \n[K54460845: BIG-IP Edge Client for Windows vulnerability CVE-2022-28714](<https://support.f5.com/csp/article/K54460845>) | 7.3 | BIG-IP (APM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \nBIG-IP APM Clients | 7.2.1 - 7.2.1 \n7.1.6 - 7.1.9 | 7.2.2 \n7.2.1.5 \n[K08510472: BIG-IP TMUI vulnerability CVE-2022-28695](<https://support.f5.com/csp/article/K08510472>) | 7.2 - Standard deployment mode | BIG-IP (AFM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \n9.1 - Appliance mode \n \n1F5 evaluates only software versions that have not yet reached the End of Technical Support (EoTS) phase of their lifecycle.\n\nMedium CVEs\n\nSecurity Advisory (CVE) | CVSS score | Affected products | Affected versions1 | Fixes introduced in \n---|---|---|---|--- \n[K92807525: TMUI XSS vulnerability CVE-2022-27878](<https://support.f5.com/csp/article/K92807525>) | 6.8 | BIG-IP Guided Configuration | 6.0 - 8.0 | 9.0 \nBIG-IP (all modules) | 16.0.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0.4 - 13.1.5 | 17.0.0 \n[K94093538: NGINX Service Mesh control plane vulnerability CVE-2022-27495](<https://support.f5.com/csp/article/K94093538>) | 6.5 | NGINX Service Mesh | 1.3.0 - 1.3.1 | 1.4.0 \n[K57555833: BIG-IP APM vulnerability CVE-2022-27634](<https://support.f5.com/csp/article/K57555833>) | 6.5 | BIG-IP (APM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n[K47662005: BIG-IP Net HSM script vulnerability CVE-2022-28859](<https://support.f5.com/csp/article/K47662005>) | 6.5 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 | 17.0.0 \n16.1.0 \n15.1.5.1 \n14.1.4.6 \n[K06323049: BIG-IP IPsec ALG vulnerability CVE-2022-29473](<https://support.f5.com/csp/article/K06323049>) | 5.9 | BIG-IP (all modules) | 15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 | 16.1.0 \n15.1.5.1 \n14.1.4.5 \n13.1.5 \n[K51539421: BIG-IP SIP ALG profile vulnerability CVE-2022-26370](<https://support.f5.com/csp/article/K51539421>) | 5.9 | BIG-IP (all modules) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.4 \n14.1.0 - 14.1.4 | 17.0.0 \n16.1.2.2 \n15.1.5 \n14.1.4.6 \n[K54082580: BIG-IP CGNAT LSN vulnerability CVE-2022-26517](<https://support.f5.com/csp/article/K54082580>) | 5.9 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 | 17.0.0 \n16.1.0 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \n[K03755971: BIG-IP DNS resolver vulnerability CVE-2022-28706](<https://support.f5.com/csp/article/K03755971>) | 5.9 | BIG-IP (all modules) | 16.0.0 - 16.1.1 \n15.1.0 - 15.1.5 | 17.0.0 \n16.1.2 \n15.1.5.1 \n[K85054496: BIG-IP DNS resolver vulnerability CVE-2022-28708](<https://support.f5.com/csp/article/K85054496>) | 5.9 | BIG-IP (all modules) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n[K40019131: F5 Access for Android vulnerability CVE-2022-27875](<https://support.f5.com/csp/article/K40019131>) | 5.5 | F5 Access for Android | 3.0.6 - 3.0.7 | 3.0.8 \n[K57110035: BIG-IP APM Edge client for Windows logging vulnerability CVE-2022-27636](<https://support.f5.com/csp/article/K57110035>) | 5.5 | BIG-IP (APM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \nBIG-IP APM Clients | 7.1.6 - 7.2.1 | 7.2.1.5 \n[K44233515: F5OS-A vulnerability CVE-2022-25990](<https://support.f5.com/csp/article/K44233515>) | 5.3 | F5OS-A | 1.0.0 | 1.0.1 \n[K82034427: BIG-IP FTP profile vulnerability CVE-2022-26130](<https://support.f5.com/csp/article/K82034427>) | 5.3 | BIG-IP (all modules) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \n[K71103363: BIG-IP big3d vulnerability CVE-2022-29480](<https://support.f5.com/csp/article/K71103363>) | 5.3 | BIG-IP (all modules) | 13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 14.0.0 \n13.1.5 \n[K64124988: TMM IPv6 stack vulnerability CVE-2022-29479](<https://support.f5.com/csp/article/K64124988>) | 5.3 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.0 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \nBIG-IQ Centralized Management | 8.0.0 - 8.2.0 \n7.0.0 - 7.1.0 | None \n[K31856317: BIG-IP Packet Filters vulnerability CVE-2022-27182](<https://support.f5.com/csp/article/K31856317>) | 5.3 | BIG-IP (all modules) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n[K93543114: BIG-IP APM vulnerability CVE-2022-27181](<https://support.f5.com/csp/article/K93543114>) | 5.3 | BIG-IP (APM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \n[K53197140: BIG-IP iControl REST and tmsh vulnerabilities CVE-2022-26835](<https://support.f5.com/csp/article/K53197140>) | 4.9 - Standard deployment mode | BIG-IP (all modules) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \n6.8 - Appliance mode \n[K38271531: BIG-IP and BIG-IQ SCP vulnerability CVE-2022-26340](<https://support.f5.com/csp/article/K38271531>) | 4.9 | BIG-IP (all modules) | 16.0.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \nBIG-IQ Centralized Management | 8.0.0 - 8.2.0 \n7.0.0 - 7.1.0 | None \n[K24248011: Traffix SDC Configuration utility vulnerability CVE-2022-27662](<https://support.f5.com/csp/article/K24248011>) | 4.8 | Traffix SDC | 5.2.0 \n5.1.0 | 5.2.2 \n5.1.35 \n[K17341495: Traffix SDC Configuration utility vulnerability CVE-2022-27880](<https://support.f5.com/csp/article/K17341495>) | 4.8 | Traffix SDC | 5.2.0 \n5.1.0 | 5.2.2 \n5.1.35 \n[K15101402: iControl REST vulnerability CVE-2022-1468](<https://support.f5.com/csp/article/K15101402>) | 4.3 | BIG-IP (all modules) | 17.0.0 \n16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.5 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | None \n[K41877405: BIG-IP TMUI vulnerability CVE-2022-27659](<https://support.f5.com/csp/article/K41877405>) | 4.3 | BIG-IP (all modules) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n[K59904248: iControl SOAP vulnerability CVE-2022-29474](<https://support.f5.com/csp/article/K59904248>) | 4.3 | BIG-IP (all modules) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \n \n1F5 evaluates only software versions that have not yet reached the End of Technical Support (EoTS) phase of their lifecycle.\n\nLow CVEs\n\nSecurity Advisory (CVE) | CVSS score | Affected products | Affected versions1 | Fixes introduced in \n---|---|---|---|--- \n[K49905324: BIG-IP TMUI CSRF vulnerability CVE-2022-1389](<https://support.f5.com/csp/article/K49905324>) | 3.1 | BIG-IP (all modules) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.5 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n \n1F5 evaluates only software versions that have not yet reached the End of Technical Support (EoTS) phase of their lifecycle.\n\nSecurity Exposures\n\nSecurity Advisory (Exposure) | Affected products | Affected versions1 | Fixes introduced in \n---|---|---|--- \n[K68816502: A BIG-IP LTM policy referencing an external data group may not match traffic](<https://support.f5.com/csp/article/K68816502>) | BIG-IP (all modules) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.5 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n[K74302282: BIG-IP APM RDP resource security exposure](<https://support.f5.com/csp/article/K74302282>) | BIG-IP (APM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \n[K70134152: BIG-IP ASM, F5 Advanced WAF, and NGINX App Protect encoded directory traversal security exposure](<https://support.f5.com/csp/article/K70134152>) | BIG-IP (Advanced WAF, ASM) | 16.1.0 \n15.1.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.1 \n15.1.4 \n14.1.4.4 \n13.1.5 \nNGINX App Protect | 3.0.0 - 3.6.0 \n2.0.0 - 2.3.0 \n1.0.0 - 1.3.0 | 3.7.0 \n[K80945213: BIG-IP ASM and F5 Advanced WAF attack signature check failure security exposure](<https://support.f5.com/csp/article/K80945213>) | BIG-IP (Advanced WAF, ASM) | 15.1.0 - 15.1.4 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.1.0 \n15.1.4.1 \n14.1.4.4 \n13.1.5 \n[K67397230: BIG-IP ASM, F5 Advanced WAF, and NGINX App Protect normalizing security exposure](<https://support.f5.com/csp/article/K67397230>) | BIG-IP (Advanced WAF, ASM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.4 \n14.1.0 - 14.1.4 | 17.0.0 \n16.1.2.1 \n15.1.5 \n14.1.4.6 \nNGINX App Protect | 3.0.0 - 3.6.0 \n2.0.0 - 2.3.0 \n1.0.0 - 1.3.0 | 3.7.0 \n[K53593534: BIG-IP ASM and F5 Advanced WAF attack signature check failure on certain HTTP requests](<https://support.f5.com/csp/article/K53593534>) | BIG-IP (Advanced WAF, ASM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \n[K39002226: F5 Advanced WAF and BIG-IP ASM multipart request security exposure](<https://support.f5.com/csp/article/K39002226>) | BIG-IP (Advanced WAF, ASM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \n[K94142349: BIG-IP Advanced WAF and ASM WebSocket security exposure](<https://support.f5.com/csp/article/K94142349>) | BIG-IP (Advanced WAF, ASM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \n[K85021277: BIG-IP DNSSEC security exposure](<https://support.f5.com/csp/article/K85021277>) | BIG-IP (DNS) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n13.1.5 \n[K92306170: BIG-IP AFM single endpoint flood/sweep DoS vector security exposure ](<https://support.f5.com/csp/article/K92306170>) | BIG-IP (AFM) | 16.1.0 - 16.1.2 \n15.1.0 - 15.1.5 \n14.1.0 - 14.1.4 | 17.0.0 \n16.1.2.2 \n15.1.5.1 \n14.1.4.6 \n \n1F5 evaluates only software versions that have not yet reached the End of Technical Support (EoTS) phase of their lifecycle.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-04T13:13:00", "type": "f5", "title": "Overview of F5 vulnerabilities (May 2022)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1388", "CVE-2022-1389", "CVE-2022-1468", "CVE-2022-25946", "CVE-2022-25990", "CVE-2022-26071", "CVE-2022-26130", "CVE-2022-26340", "CVE-2022-26370", "CVE-2022-26372", "CVE-2022-26415", "CVE-2022-26517", "CVE-2022-26835", "CVE-2022-26890", "CVE-2022-27181", "CVE-2022-27182", "CVE-2022-27189", "CVE-2022-27230", "CVE-2022-27495", "CVE-2022-27634", "CVE-2022-27636", "CVE-2022-27659", "CVE-2022-27662", "CVE-2022-27806", "CVE-2022-27875", "CVE-2022-27878", "CVE-2022-27880", "CVE-2022-28691", "CVE-2022-28695", "CVE-2022-28701", "CVE-2022-28705", "CVE-2022-28706", "CVE-2022-28707", "CVE-2022-28708", "CVE-2022-28714", "CVE-2022-28716", "CVE-2022-28859", "CVE-2022-29263", "CVE-2022-29473", "CVE-2022-29474", "CVE-2022-29479", "CVE-2022-29480", "CVE-2022-29491"], "modified": "2022-05-04T13:13:00", "id": "F5:K55879220", "href": "https://support.f5.com/csp/article/K55879220", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}

BIG-IP big3d vulnerability CVE-2022-29480

Description

Affected Software

Related