Lucene search

K
f5F5F5:K82034427
HistoryMay 04, 2022 - 12:00 a.m.

K82034427 : BIG-IP FTP profile vulnerability CVE-2022-26130

2022-05-0400:00:00
my.f5.com
38
big-ip
ftp profile
vulnerability
cve-2022-26130
active mode
traffic disruption
denial-of-service
remote attacker
unauthenticated
data plane.

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

34.4%

Security Advisory Description

When an Active mode-enabled FTP profile is configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing active FTP data channel connections. (CVE-2022-26130)

Impact

Traffic is disrupted for active FTP data channel connections. This vulnerability allows a remote unauthenticated attacker to cause a denial-of-service (DoS) on the BIG-IP system, specific to the impacted virtual server. There is no control plane exposure; this is a data plane issue only.

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

34.4%