CVE-2022-34651
04.08.2022, 18:15
In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, when an LTM Client or Server SSL profile with TLS 1.3 enabled is configured on a virtual server, along with an iRule that calls HTTP::respond, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.Enginsight
| Vendor | Product | Version |
|---|---|---|
| f5 | big-ip_access_policy_manager | 15.1.0 ≤ 𝑥 < 15.1.6.1 |
| f5 | big-ip_access_policy_manager | 16.1.0 ≤ 𝑥 < 16.1.3.1 |
| f5 | big-ip_advanced_firewall_manager | 15.1.0 ≤ 𝑥 < 15.1.6.1 |
| f5 | big-ip_advanced_firewall_manager | 16.1.0 ≤ 𝑥 < 16.1.3.1 |
| f5 | big-ip_analytics | 15.1.0 ≤ 𝑥 < 15.1.6.1 |
| f5 | big-ip_analytics | 16.1.0 ≤ 𝑥 < 16.1.3.1 |
| f5 | big-ip_application_acceleration_manager | 15.1.0 ≤ 𝑥 < 15.1.6.1 |
| f5 | big-ip_application_acceleration_manager | 16.1.0 ≤ 𝑥 < 16.1.3.1 |
| f5 | big-ip_application_security_manager | 15.1.0 ≤ 𝑥 < 15.1.6.1 |
| f5 | big-ip_application_security_manager | 16.1.0 ≤ 𝑥 < 16.1.3.1 |
| f5 | big-ip_domain_name_system | 15.1.0 ≤ 𝑥 < 15.1.6.1 |
| f5 | big-ip_domain_name_system | 16.1.0 ≤ 𝑥 < 16.1.3.1 |
| f5 | big-ip_fraud_protection_service | 15.1.0 ≤ 𝑥 < 15.1.6.1 |
| f5 | big-ip_fraud_protection_service | 16.1.0 ≤ 𝑥 < 16.1.3.1 |
| f5 | big-ip_global_traffic_manager | 15.1.0 ≤ 𝑥 < 15.1.6.1 |
| f5 | big-ip_global_traffic_manager | 16.1.0 ≤ 𝑥 < 16.1.3.1 |
| f5 | big-ip_link_controller | 15.1.0 ≤ 𝑥 < 15.1.6.1 |
| f5 | big-ip_link_controller | 16.1.0 ≤ 𝑥 < 16.1.3.1 |
| f5 | big-ip_local_traffic_manager | 15.1.0 ≤ 𝑥 < 15.1.6.1 |
| f5 | big-ip_local_traffic_manager | 16.1.0 ≤ 𝑥 < 16.1.3.1 |
| f5 | big-ip_policy_enforcement_manager | 15.1.0 ≤ 𝑥 < 15.1.6.1 |
| f5 | big-ip_policy_enforcement_manager | 16.1.0 ≤ 𝑥 < 16.1.3.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration