CVE-2022-41694 - Vulnerability Details

Vendors	Products
F5	Big-ip Access Policy Manager Big-ip Advanced Firewall Manager Big-ip Analytics Big-ip Application Acceleration Manager Big-ip Application Security Manager Big-ip Domain Name System Big-ip Fraud Protection Service Big-ip Global Traffic Manager Big-ip Link Controller Big-ip Local Traffic Manager Big-ip Policy Enforcement Manager

Link	Providers
https://support.f5.com/csp/article/K64829234

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-41694", "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "assignerShortName": "f5", "datePublished": "2022-10-19T21:20:06.272Z", "dateUpdated": "2025-05-08T18:12:35.198Z", "dateReserved": "2022-09-30T00:00:00.000Z"}, "containers": {"cna": {"title": "BIG-IP and BIG-IQ mcpd vulnerability CVE-2022-41694", "datePublic": "2022-10-19T00:00:00.000Z", "providerMetadata": {"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "shortName": "f5", "dateUpdated": "2022-10-19T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "In BIG-IP versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, and BIG-IQ versions 8.x before 8.2.0.1 and all versions of 7.x, when an SSL key is imported on a BIG-IP or BIG-IQ system, undisclosed input can cause MCPD to terminate."}], "affected": [{"vendor": "F5", "product": "BIG-IP", "versions": [{"version": "17.0.0", "status": "unaffected", "lessThan": "17.0.x*", "versionType": "custom"}, {"version": "16.1.x", "status": "affected", "lessThan": "16.1.3", "versionType": "custom"}, {"version": "15.1.x", "status": "affected", "lessThan": "15.1.6.1", "versionType": "custom"}, {"version": "14.1.x", "status": "affected", "lessThan": "14.1.5", "versionType": "custom"}, {"version": "13.1.0", "status": "affected", "lessThan": "13.1.x*", "versionType": "custom"}]}, {"vendor": "F5", "product": "BIG-IQ", "versions": [{"version": "8.x", "status": "affected", "lessThan": "8.2.0.1", "versionType": "custom"}, {"version": "7.1.0", "status": "affected", "lessThan": "7.1.x*", "versionType": "custom"}]}], "references": [{"url": "https://support.f5.com/csp/article/K64829234"}], "credits": [{"lang": "en", "value": "This issue was discovered internally by F5."}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-20 Improper Input Validation", "cweId": "CWE-20"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"discovery": "INTERNAL"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T12:49:43.528Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.f5.com/csp/article/K64829234", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-08T18:12:27.828419Z", "id": "CVE-2022-41694", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-08T18:12:35.198Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

state : PUBLISHED (string)

cveId : CVE-2022-41694 (string)

assignerOrgId : 9dacffd4-cb11-413f-8451-fbbfd4ddc0ab (string)

assignerShortName : f5 (string)

datePublished : 2022-10-19T21:20:06.272Z (string)

dateUpdated : 2025-05-08T18:12:35.198Z (string)

dateReserved : 2022-09-30T00:00:00.000Z (string)

}

containers : { »

cna : { »

title : BIG-IP and BIG-IQ mcpd vulnerability CVE-2022-41694 (string)

datePublic : 2022-10-19T00:00:00.000Z (string)

providerMetadata : { »

orgId : 9dacffd4-cb11-413f-8451-fbbfd4ddc0ab (string)

shortName : f5 (string)

dateUpdated : 2022-10-19T00:00:00.000Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In BIG-IP versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, and BIG-IQ versions 8.x before 8.2.0.1 and all versions of 7.x, when an SSL key is imported on a BIG-IP or BIG-IQ system, undisclosed input can cause MCPD to terminate. (string)

}

]

affected : [ »

0 : { »

vendor : F5 (string)

product : BIG-IP (string)

versions : [ »

0 : { »

version : 17.0.0 (string)

status : unaffected (string)

lessThan : 17.0.x* (string)

versionType : custom (string)

}

1 : { »

version : 16.1.x (string)

status : affected (string)

lessThan : 16.1.3 (string)

versionType : custom (string)

}

2 : { »

version : 15.1.x (string)

status : affected (string)

lessThan : 15.1.6.1 (string)

versionType : custom (string)

}

3 : { »

version : 14.1.x (string)

status : affected (string)

lessThan : 14.1.5 (string)

versionType : custom (string)

}

4 : { »

version : 13.1.0 (string)

status : affected (string)

lessThan : 13.1.x* (string)

versionType : custom (string)

}

]

}

1 : { »

vendor : F5 (string)

product : BIG-IQ (string)

versions : [ »

0 : { »

version : 8.x (string)

status : affected (string)

lessThan : 8.2.0.1 (string)

versionType : custom (string)

}

1 : { »

version : 7.1.0 (string)

status : affected (string)

lessThan : 7.1.x* (string)

versionType : custom (string)

}

]

}

]

references : [ »

0 : { »

url : https://support.f5.com/csp/article/K64829234 (string)

}

]

credits : [ »

0 : { »

lang : en (string)

value : This issue was discovered internally by F5. (string)

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

version : 3.1 (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H (string)

attackVector : NETWORK (string)

attackComplexity : LOW (string)

privilegesRequired : HIGH (string)

userInteraction : NONE (string)

scope : UNCHANGED (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

availabilityImpact : HIGH (string)

baseScore : 4.9 (number)

baseSeverity : MEDIUM (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

type : CWE (string)

lang : en (string)

description : CWE-20 Improper Input Validation (string)

cweId : CWE-20 (string)

}

]

}

]

x_generator : { »

engine : Vulnogram 0.0.9 (string)

}

source : { »

discovery : INTERNAL (string)

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T12:49:43.528Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://support.f5.com/csp/article/K64829234 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

1 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2025-05-08T18:12:27.828419Z (string)

id : CVE-2022-41694 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2025-05-08T18:12:35.198Z (string)

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.f5.com/csp/article/K64829234", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T12:49:43.528Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-41694", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-08T18:12:27.828419Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-08T18:12:31.710Z"}}], "cna": {"title": "BIG-IP and BIG-IQ mcpd vulnerability CVE-2022-41694", "source": {"discovery": "INTERNAL"}, "credits": [{"lang": "en", "value": "This issue was discovered internally by F5."}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "F5", "product": "BIG-IP", "versions": [{"status": "unaffected", "version": "17.0.0", "lessThan": "17.0.x*", "versionType": "custom"}, {"status": "affected", "version": "16.1.x", "lessThan": "16.1.3", "versionType": "custom"}, {"status": "affected", "version": "15.1.x", "lessThan": "15.1.6.1", "versionType": "custom"}, {"status": "affected", "version": "14.1.x", "lessThan": "14.1.5", "versionType": "custom"}, {"status": "affected", "version": "13.1.0", "lessThan": "13.1.x*", "versionType": "custom"}]}, {"vendor": "F5", "product": "BIG-IQ", "versions": [{"status": "affected", "version": "8.x", "lessThan": "8.2.0.1", "versionType": "custom"}, {"status": "affected", "version": "7.1.0", "lessThan": "7.1.x*", "versionType": "custom"}]}], "datePublic": "2022-10-19T00:00:00.000Z", "references": [{"url": "https://support.f5.com/csp/article/K64829234"}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "descriptions": [{"lang": "en", "value": "In BIG-IP versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, and BIG-IQ versions 8.x before 8.2.0.1 and all versions of 7.x, when an SSL key is imported on a BIG-IP or BIG-IQ system, undisclosed input can cause MCPD to terminate."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "shortName": "f5", "dateUpdated": "2022-10-19T00:00:00.000Z"}}}, "cveMetadata": {"cveId": "CVE-2022-41694", "state": "PUBLISHED", "dateUpdated": "2025-05-08T18:12:35.198Z", "dateReserved": "2022-09-30T00:00:00.000Z", "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "datePublished": "2022-10-19T21:20:06.272Z", "assignerShortName": "f5"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://support.f5.com/csp/article/K64829234 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T12:49:43.528Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2022-41694 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2025-05-08T18:12:27.828419Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2025-05-08T18:12:31.710Z (string)

}

]

cna : { »

title : BIG-IP and BIG-IQ mcpd vulnerability CVE-2022-41694 (string)

source : { »

discovery : INTERNAL (string)

}

credits : [ »

0 : { »

lang : en (string)

value : This issue was discovered internally by F5. (string)

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

scope : UNCHANGED (string)

version : 3.1 (string)

baseScore : 4.9 (number)

attackVector : NETWORK (string)

baseSeverity : MEDIUM (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H (string)

integrityImpact : NONE (string)

userInteraction : NONE (string)

attackComplexity : LOW (string)

availabilityImpact : HIGH (string)

privilegesRequired : HIGH (string)

confidentialityImpact : NONE (string)

}

]

affected : [ »

0 : { »

vendor : F5 (string)

product : BIG-IP (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 17.0.0 (string)

lessThan : 17.0.x* (string)

versionType : custom (string)

}

1 : { »

status : affected (string)

version : 16.1.x (string)

lessThan : 16.1.3 (string)

versionType : custom (string)

}

2 : { »

status : affected (string)

version : 15.1.x (string)

lessThan : 15.1.6.1 (string)

versionType : custom (string)

}

3 : { »

status : affected (string)

version : 14.1.x (string)

lessThan : 14.1.5 (string)

versionType : custom (string)

}

4 : { »

status : affected (string)

version : 13.1.0 (string)

lessThan : 13.1.x* (string)

versionType : custom (string)

}

]

}

1 : { »

vendor : F5 (string)

product : BIG-IQ (string)

versions : [ »

0 : { »

status : affected (string)

version : 8.x (string)

lessThan : 8.2.0.1 (string)

versionType : custom (string)

}

1 : { »

status : affected (string)

version : 7.1.0 (string)

lessThan : 7.1.x* (string)

versionType : custom (string)

}

]

}

]

datePublic : 2022-10-19T00:00:00.000Z (string)

references : [ »

0 : { »

url : https://support.f5.com/csp/article/K64829234 (string)

}

]

x_generator : { »

engine : Vulnogram 0.0.9 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In BIG-IP versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, and BIG-IQ versions 8.x before 8.2.0.1 and all versions of 7.x, when an SSL key is imported on a BIG-IP or BIG-IQ system, undisclosed input can cause MCPD to terminate. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : CWE (string)

cweId : CWE-20 (string)

description : CWE-20 Improper Input Validation (string)

}

]

}

]

providerMetadata : { »

orgId : 9dacffd4-cb11-413f-8451-fbbfd4ddc0ab (string)

shortName : f5 (string)

dateUpdated : 2022-10-19T00:00:00.000Z (string)

}

cveMetadata : { »

cveId : CVE-2022-41694 (string)

state : PUBLISHED (string)

dateUpdated : 2025-05-08T18:12:35.198Z (string)

dateReserved : 2022-09-30T00:00:00.000Z (string)

assignerOrgId : 9dacffd4-cb11-413f-8451-fbbfd4ddc0ab (string)

datePublished : 2022-10-19T21:20:06.272Z (string)

assignerShortName : f5 (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "D93F04AD-DF14-48AB-9F13-8B2E491CF42E", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "854440E5-A3F0-46AF-B63A-BEF9C925A212", "versionEndExcluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "160570FB-7707-4362-90B0-F8C8FE8BA38B", "versionEndExcluding": "15.1.6.1", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "A99CB42B-E097-4DD4-8E9C-2EFA40282610", "versionEndExcluding": "16.1.3", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "6603ED6A-3366-4572-AFCD-B3D4B1EC7606", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0F46FE1-6247-4A18-9842-0EAFE9DDD93A", "versionEndExcluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "1FADD47D-1A4C-430F-B7C7-763F72893824", "versionEndExcluding": "15.1.6.1", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "68EF5B09-64F7-4EE4-9353-242A1BA03F2F", "versionEndExcluding": "16.1.3", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "9167FEC1-2C37-4946-9657-B4E69301FB24", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "08390071-5FA5-492D-A00A-1F901A51E07D", "versionEndExcluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "2728406D-E27A-4434-BC3B-4D844F0E7BA0", "versionEndExcluding": "15.1.6.1", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "2EBF01C0-F507-4FDB-812D-7AEC19369361", "versionEndExcluding": "16.1.3", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "7EC2324D-EC8B-41DF-88A7-819E53AAD0FC", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "C904FE7E-26A6-4111-B3B0-015BD40133C7", "versionEndExcluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "5E7BD4CE-189E-4CA9-BE66-14A9CED7B63B", "versionEndExcluding": "15.1.6.1", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "F6924C31-C62C-46BE-BB91-38BC5F1794C4", "versionEndExcluding": "16.1.3", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "93768065-555D-46EA-A6E4-00EA467573AA", "versionEndExcluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "9063A656-93B0-41B1-ADB3-799AC23CE899", "versionEndExcluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "1E51349F-E198-4643-A10D-6C1D35E10F0D", "versionEndExcluding": "15.1.6.1", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "50BE591A-6677-4FCB-B2C9-CB43B463F832", "versionEndExcluding": "16.1.3", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "08B25AAB-A98C-4F89-9131-29E3A8C0ED23", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "E4F5076B-25A0-404F-8045-BBDAB8531B31", "versionEndExcluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "FDC0EE80-B537-4061-8D25-7BEE1A8191DE", "versionEndExcluding": "15.1.6.1", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "9B22A853-A2B8-4DF7-BC59-4DC1E98F1D86", "versionEndExcluding": "16.1.3", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "E3D2ABA3-D4A9-4267-B0DF-7C3BBEEAEB66", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "BE216ACB-E56A-4839-8A06-56506B5E9871", "versionEndExcluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "2E49DAA0-9716-4D3A-87D4-CE55E6480CE0", "versionEndExcluding": "15.1.6.1", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "A2DA7C0A-21A0-49CB-B0DA-28131A65E4E6", "versionEndExcluding": "16.1.3", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E6018B01-048C-43BB-A78D-66910ED60CA9", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "3D31C5B6-DF43-44CA-B8D4-8751B4804225", "versionEndExcluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "C92185E0-F49B-41E2-815C-93C5643C2CAA", "versionEndExcluding": "15.1.6.1", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "A44A441E-E084-4D9F-A452-38BE8442FDA4", "versionEndExcluding": "16.1.3", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9EC2237-117F-43BD-ADEC-516CF72E04EF", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "7D8BF6B2-A36E-457F-972E-AD15AC6FE680", "versionEndExcluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC49DC01-B0B5-41DF-8B8B-CCE0AED8748C", "versionEndExcluding": "15.1.6.1", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "361720BA-4A5E-442E-A0C7-6D4B9780DE11", "versionEndExcluding": "16.1.3", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "0360F76D-E75E-4B05-A294-B47012323ED9", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9DB433B-0213-4EA7-87A6-9DAE5F31F2CB", "versionEndExcluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "D0E7A929-53FF-482D-9935-E3B2E6C9D174", "versionEndExcluding": "15.1.6.1", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "F651B5BB-67E9-4917-BD05-06A1A81E22BC", "versionEndExcluding": "16.1.3", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "8257AA59-C14D-4EC1-B22C-DFBB92CBC297", "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "260DF4DE-A303-4460-B83B-C880B5996A3A", "versionEndExcluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "4DCF4D67-ECC3-4808-AF91-CA2BE17E5E8D", "versionEndExcluding": "15.1.6.1", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "30AE984E-7845-4531-BE9A-BFA92542C92F", "versionEndExcluding": "16.1.3", "versionStartIncluding": "16.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In BIG-IP versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, and BIG-IQ versions 8.x before 8.2.0.1 and all versions of 7.x, when an SSL key is imported on a BIG-IP or BIG-IQ system, undisclosed input can cause MCPD to terminate."}, {"lang": "es", "value": "En BIG-IP versiones 16.1.x anteriores a 16.1.3, 15.1.x anteriores a 15.1.6.1, 14.1.x anteriores a 14.1.5 y todas las versiones de la 13.1.x, y en las versiones de BIG-IQ 8.x anteriores a 8.2.0.1 y todas las versiones de la 7.x, cuando es importada una clave SSL en un sistema BIG-IP o BIG-IQ, la entrada no revelada puede causar la terminaci\u00f3n de MCPD"}], "id": "CVE-2022-41694", "lastModified": "2024-11-21T07:23:39.873", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "f5sirt@f5.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-10-19T22:15:12.567", "references": [{"source": "f5sirt@f5.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://support.f5.com/csp/article/K64829234"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://support.f5.com/csp/article/K64829234"}], "sourceIdentifier": "f5sirt@f5.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "f5sirt@f5.com", "type": "Secondary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D93F04AD-DF14-48AB-9F13-8B2E491CF42E (string)

versionEndIncluding : 13.1.5 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 854440E5-A3F0-46AF-B63A-BEF9C925A212 (string)

versionEndExcluding : 14.1.5 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 160570FB-7707-4362-90B0-F8C8FE8BA38B (string)

versionEndExcluding : 15.1.6.1 (string)

versionStartIncluding : 15.1.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A99CB42B-E097-4DD4-8E9C-2EFA40282610 (string)

versionEndExcluding : 16.1.3 (string)

versionStartIncluding : 16.1.0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6603ED6A-3366-4572-AFCD-B3D4B1EC7606 (string)

versionEndIncluding : 13.1.5 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F0F46FE1-6247-4A18-9842-0EAFE9DDD93A (string)

versionEndExcluding : 14.1.5 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 1FADD47D-1A4C-430F-B7C7-763F72893824 (string)

versionEndExcluding : 15.1.6.1 (string)

versionStartIncluding : 15.1.0 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 68EF5B09-64F7-4EE4-9353-242A1BA03F2F (string)

versionEndExcluding : 16.1.3 (string)

versionStartIncluding : 16.1.0 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 9167FEC1-2C37-4946-9657-B4E69301FB24 (string)

versionEndIncluding : 13.1.5 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 08390071-5FA5-492D-A00A-1F901A51E07D (string)

versionEndExcluding : 14.1.5 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2728406D-E27A-4434-BC3B-4D844F0E7BA0 (string)

versionEndExcluding : 15.1.6.1 (string)

versionStartIncluding : 15.1.0 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2EBF01C0-F507-4FDB-812D-7AEC19369361 (string)

versionEndExcluding : 16.1.3 (string)

versionStartIncluding : 16.1.0 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7EC2324D-EC8B-41DF-88A7-819E53AAD0FC (string)

versionEndIncluding : 13.1.5 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : C904FE7E-26A6-4111-B3B0-015BD40133C7 (string)

versionEndExcluding : 14.1.5 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5E7BD4CE-189E-4CA9-BE66-14A9CED7B63B (string)

versionEndExcluding : 15.1.6.1 (string)

versionStartIncluding : 15.1.0 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F6924C31-C62C-46BE-BB91-38BC5F1794C4 (string)

versionEndExcluding : 16.1.3 (string)

versionStartIncluding : 16.1.0 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 93768065-555D-46EA-A6E4-00EA467573AA (string)

versionEndExcluding : 13.1.5 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 9063A656-93B0-41B1-ADB3-799AC23CE899 (string)

versionEndExcluding : 14.1.5 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 1E51349F-E198-4643-A10D-6C1D35E10F0D (string)

versionEndExcluding : 15.1.6.1 (string)

versionStartIncluding : 15.1.0 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 50BE591A-6677-4FCB-B2C9-CB43B463F832 (string)

versionEndExcluding : 16.1.3 (string)

versionStartIncluding : 16.1.0 (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 08B25AAB-A98C-4F89-9131-29E3A8C0ED23 (string)

versionEndIncluding : 13.1.5 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E4F5076B-25A0-404F-8045-BBDAB8531B31 (string)

versionEndExcluding : 14.1.5 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FDC0EE80-B537-4061-8D25-7BEE1A8191DE (string)

versionEndExcluding : 15.1.6.1 (string)

versionStartIncluding : 15.1.0 (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 9B22A853-A2B8-4DF7-BC59-4DC1E98F1D86 (string)

versionEndExcluding : 16.1.3 (string)

versionStartIncluding : 16.1.0 (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E3D2ABA3-D4A9-4267-B0DF-7C3BBEEAEB66 (string)

versionEndIncluding : 13.1.5 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

25 : { »

criteria : cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BE216ACB-E56A-4839-8A06-56506B5E9871 (string)

versionEndExcluding : 14.1.5 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

26 : { »

criteria : cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2E49DAA0-9716-4D3A-87D4-CE55E6480CE0 (string)

versionEndExcluding : 15.1.6.1 (string)

versionStartIncluding : 15.1.0 (string)

vulnerable : true (boolean)

}

27 : { »

criteria : cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A2DA7C0A-21A0-49CB-B0DA-28131A65E4E6 (string)

versionEndExcluding : 16.1.3 (string)

versionStartIncluding : 16.1.0 (string)

vulnerable : true (boolean)

}

28 : { »

criteria : cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E6018B01-048C-43BB-A78D-66910ED60CA9 (string)

versionEndIncluding : 13.1.5 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

29 : { »

criteria : cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 3D31C5B6-DF43-44CA-B8D4-8751B4804225 (string)

versionEndExcluding : 14.1.5 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

30 : { »

criteria : cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : C92185E0-F49B-41E2-815C-93C5643C2CAA (string)

versionEndExcluding : 15.1.6.1 (string)

versionStartIncluding : 15.1.0 (string)

vulnerable : true (boolean)

}

31 : { »

criteria : cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A44A441E-E084-4D9F-A452-38BE8442FDA4 (string)

versionEndExcluding : 16.1.3 (string)

versionStartIncluding : 16.1.0 (string)

vulnerable : true (boolean)

}

32 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D9EC2237-117F-43BD-ADEC-516CF72E04EF (string)

versionEndIncluding : 13.1.5 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

33 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7D8BF6B2-A36E-457F-972E-AD15AC6FE680 (string)

versionEndExcluding : 14.1.5 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

34 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* (string)

matchCriteriaId : EC49DC01-B0B5-41DF-8B8B-CCE0AED8748C (string)

versionEndExcluding : 15.1.6.1 (string)

versionStartIncluding : 15.1.0 (string)

vulnerable : true (boolean)

}

35 : { »

criteria : cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 361720BA-4A5E-442E-A0C7-6D4B9780DE11 (string)

versionEndExcluding : 16.1.3 (string)

versionStartIncluding : 16.1.0 (string)

vulnerable : true (boolean)

}

36 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 0360F76D-E75E-4B05-A294-B47012323ED9 (string)

versionEndIncluding : 13.1.5 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

37 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E9DB433B-0213-4EA7-87A6-9DAE5F31F2CB (string)

versionEndExcluding : 14.1.5 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

38 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D0E7A929-53FF-482D-9935-E3B2E6C9D174 (string)

versionEndExcluding : 15.1.6.1 (string)

versionStartIncluding : 15.1.0 (string)

vulnerable : true (boolean)

}

39 : { »

criteria : cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F651B5BB-67E9-4917-BD05-06A1A81E22BC (string)

versionEndExcluding : 16.1.3 (string)

versionStartIncluding : 16.1.0 (string)

vulnerable : true (boolean)

}

40 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 8257AA59-C14D-4EC1-B22C-DFBB92CBC297 (string)

versionEndIncluding : 13.1.5 (string)

versionStartIncluding : 13.1.0 (string)

vulnerable : true (boolean)

}

41 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 260DF4DE-A303-4460-B83B-C880B5996A3A (string)

versionEndExcluding : 14.1.5 (string)

versionStartIncluding : 14.1.0 (string)

vulnerable : true (boolean)

}

42 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 4DCF4D67-ECC3-4808-AF91-CA2BE17E5E8D (string)

versionEndExcluding : 15.1.6.1 (string)

versionStartIncluding : 15.1.0 (string)

vulnerable : true (boolean)

}

43 : { »

criteria : cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 30AE984E-7845-4531-BE9A-BFA92542C92F (string)

versionEndExcluding : 16.1.3 (string)

versionStartIncluding : 16.1.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : In BIG-IP versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, and BIG-IQ versions 8.x before 8.2.0.1 and all versions of 7.x, when an SSL key is imported on a BIG-IP or BIG-IQ system, undisclosed input can cause MCPD to terminate. (string)

}

1 : { »

lang : es (string)

value : En BIG-IP versiones 16.1.x anteriores a 16.1.3, 15.1.x anteriores a 15.1.6.1, 14.1.x anteriores a 14.1.5 y todas las versiones de la 13.1.x, y en las versiones de BIG-IQ 8.x anteriores a 8.2.0.1 y todas las versiones de la 7.x, cuando es importada una clave SSL en un sistema BIG-IP o BIG-IQ, la entrada no revelada puede causar la terminación de MCPD (string)

}

]

id : CVE-2022-41694 (string)

lastModified : 2024-11-21T07:23:39.873 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 4.9 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : HIGH (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.2 (number)

impactScore : 3.6 (number)

source : f5sirt@f5.com (string)

type : Secondary (string)

}

1 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 4.9 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : HIGH (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.2 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2022-10-19T22:15:12.567 (string)

references : [ »

0 : { »

source : f5sirt@f5.com (string)

tags : [ »

0 : Mitigation (string)

1 : Vendor Advisory (string)

]

url : https://support.f5.com/csp/article/K64829234 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mitigation (string)

1 : Vendor Advisory (string)

]

url : https://support.f5.com/csp/article/K64829234 (string)

}

]

sourceIdentifier : f5sirt@f5.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-20 (string)

}

]

source : f5sirt@f5.com (string)

type : Secondary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object