CVE-2022-41813

Summary

In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when BIG-IP is provisioned with PEM or AFM module, an undisclosed input can cause Traffic Management Microkernel (TMM) to terminate.

Affected Software

VendorProductVersion RangeStatus
F5BIG-IP AFM & PEM17.0.0 < 17.0.x*unaffected
F5BIG-IP AFM & PEM16.1.x < 16.1.3.1affected
F5BIG-IP AFM & PEM15.1.x < 15.1.6.1affected
F5BIG-IP AFM & PEM14.1.x < 14.1.5affected
F5BIG-IP AFM & PEM13.1.0 < 13.1.x*affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References