Big-ip Advanced Web Application Firewall Security Vulnerabilities and Issues — Big-ip Advanced Web Application Firewall CVE List

Lucene search

F5Big-ip Advanced Web Application Firewall

4 matches found

CVE•added 2022/10/19 10:15 p.m.•64 views

CVE-2022-41983

On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, while Intel QAT (QuickAssist Technology) and the AES-GCM/CCM cipher is in use, undisclosed conditions can cause BIG-IP to send data unencrypted even w...

3.7CVSS4.5AI score0.0015EPSS

CVE•added 2022/10/19 10:15 p.m.•61 views

CVE-2022-41617

In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, When the Advanced WAF / ASM module is provisioned, an authenticated remote code execution vulnerability exists in the BIG-IP iControl REST interface.

7.2CVSS7.5AI score0.03412EPSS

CVE•added 2022/10/19 10:15 p.m.•60 views

CVE-2022-41691

When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate.

7.5CVSS7.6AI score0.00344EPSS

CVE•added 2022/10/19 10:15 p.m.•59 views

CVE-2022-41836

When an 'Attack Signature False Positive Mode' enabled security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate.

7.5CVSS7.6AI score0.0041EPSS