CVE-2022-35272
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In BIG-IP Versions 17.0.x before 17.0.0.1 and 16.1.x before 16.1.3.1, when source-port preserve-strict is configured on an HTTP Message Routing Framework (MRF) virtual server, undisclosed traffic may cause the Traffic Management Microkernel (TMM) to produce a core file and the connection to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| F5 | BIG-IP | 13.1.0 < 13.1.x* | unaffected |
| F5 | BIG-IP | 14.1.0 < 14.1.x* | unaffected |
| F5 | BIG-IP | 15.1.0 < 15.1.x* | unaffected |
| F5 | BIG-IP | 16.1.x < 16.1.3.1 | affected |
| F5 | BIG-IP | 17.0.x < 17.0.0.1 | affected |
Weaknesses
- CWE-404: CWE-404 Improper Resource Shutdown or Release
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.