PT-2022-22273 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP versions 14.1.x through 14.1.5 BIG-IP versions 15.1.x through 15.1.6.1 BIG-IP versions 16.0.x through 16.0.1.1 Description: When an iRule containing the HTTP::payload command is configured on a virtual server, undisclosed traffic can...

CVE-2022-34655

In BIG-IP Versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when an iRule containing the HTTP::payload command is configured on a virtual server, undisclosed traffic can cause Traffic Management Microkernel TMM to terminate. Note: Software versions which have...

CVE-2022-32455

In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when a BIG-IP LTM Client SSL profile is configured on a virtual server to perform client certificate authentication with session tickets enabled, undisclosed requests cause the...

CVE-2022-34651

In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, when an LTM Client or Server SSL profile with TLS 1.3 enabled is configured on a virtual server, along with an iRule that calls HTTP::respond, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate...

CVE-2022-35272

In BIG-IP Versions 17.0.x before 17.0.0.1 and 16.1.x before 16.1.3.1, when source-port preserve-strict is configured on an HTTP Message Routing Framework MRF virtual server, undisclosed traffic may cause the Traffic Management Microkernel TMM to produce a core file and the connection to terminate...

F5 BIG-IP TMM Data Normalization Infinite Loop Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. An infinite loop vulnerability in F5 BIG-IP TMM data normalization stems from the fact that when an LTM virtual server is...

F5 BIG-IP TMM iRule Denial of Service Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP TMM iRule, which stems from the fact that when configuring a BIG-IP...

F5 BIG-IP APM null pointer pointer dereference vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A null pointer pointer dereference vulnerability exists in F5 BIG-IP APM, which stems from undisclosed traffic when configuri...

F5 BIG-IP HTTP MRF Denial of Service Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP HTTP MRF, which stems from the configuration of source-port preserv...

F5 BIG-IP TMM ClientSSL Profile Denial of Service Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP TMM ClientSSL profile, which stems from the vulnerability when the...

F5 Networks BIG-IP : TMM vulnerability (K16852653)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5 / 15.1.6.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K16852653 advisory. - In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and a...

Huawei HarmonyOS Denial of Service Vulnerability (CNVD-2022-57611)

Huawei HarmonyOS is an operating system from Huawei, China. It provides a microkernel-based distributed operating system. A security vulnerability exists in the graphics component of Huawei HarmonyOS, stemming from the existence of a multi-threaded access database for the graphics acceleration...

Huawei HarmonyOS null pointer vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company that provides a microkernel-based, distributed operating system. Huawei HarmonyOS contains a security vulnerability that could be exploited by attackers to compromise device availability...

Huawei HarmonyOS security bypass vulnerability (CNVD-2022-57613)

Huawei HarmonyOS is an operating system from Huawei China. It provides a microkernel-based, fully distributed operating system. Huawei HarmonyOS contains a security vulnerability that could be exploited by attackers to compromise system integrity...

Huawei HarmonyOS Information Disclosure Vulnerability (CNVD-2022-61608)

Huawei HarmonyOS is an operating system from Huawei China. It provides a microkernel-based, fully distributed operating system. Huawei HarmonyOS contains a security vulnerability that could be exploited by attackers to compromise device confidentiality...

HUAWEI HarmonyOS Fingerprint Module Buffer Overflow Vulnerability

HUAWEI HarmonyOS is an operating system from Huawei, China HUAWEI. It provides a microkernel-based, full-scenario distributed operating system. HUAWEI HarmonyOS is vulnerable to a buffer overflow vulnerability. The vulnerability stems from a boundary error when handling untrusted input. An attack...

HUAWEI HarmonyOS has an unspecified vulnerability (CNVD-2022-66176)

HUAWEI HarmonyOS is an operating system from Huawei China. It provides a microkernel-based distributed operating system. A security vulnerability exists in HUAWEI HarmonyOS 2.0, which stems from a post-lock pop-up box issue in the operator's custom USSD service, and could be exploited by an...

Huawei HarmonyOS Buffer Overflow Vulnerability (CNVD-2022-51604)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a security vulnerability that stems from a memory out-of-bounds read/write issue in the video framework. An attacker exploited...

HUAWEI HarmonyOS 安全漏洞

HUAWEI HarmonyOS is an operating system from Huawei China. It provides a microkernel-based distributed operating system. Huawei HarmonyOS version 2.0 contains a security vulnerability that could be exploited by attackers to cause an integrity compromise...

CVE-2022-28705

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, on platforms with an ePVA and the pva.fwdaccel BigDB variable enabled, undisclosed requests to a virtual server with a FastL4 profile that has...