7.5

CVE-2022-28705

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, on platforms with an ePVA and the pva.fwdaccel BigDB variable enabled, undisclosed requests to a virtual server with a FastL4 profile that has ePVA acceleration enabled can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Data is provided by the National Vulnerability Database (NVD)
F5Big-ip Access Policy Manager Version13.1.0
F5Big-ip Access Policy Manager Version13.1.1
F5Big-ip Access Policy Manager Version13.1.3
F5Big-ip Access Policy Manager Version13.1.4
F5Big-ip Access Policy Manager Version13.1.5
F5Big-ip Access Policy Manager Version14.1.0
F5Big-ip Access Policy Manager Version14.1.2
F5Big-ip Access Policy Manager Version14.1.3
F5Big-ip Access Policy Manager Version14.1.4
F5Big-ip Access Policy Manager Version15.1.0
F5Big-ip Access Policy Manager Version15.1.1
F5Big-ip Access Policy Manager Version15.1.2
F5Big-ip Access Policy Manager Version15.1.3
F5Big-ip Access Policy Manager Version15.1.4
F5Big-ip Access Policy Manager Version15.1.5
F5Big-ip Access Policy Manager Version16.1.0
F5Big-ip Access Policy Manager Version16.1.1
F5Big-ip Access Policy Manager Version16.1.2
F5Big-ip Access Policy Manager Version17.0.0
F5Big-ip Analytics Version13.1.0
F5Big-ip Analytics Version13.1.1
F5Big-ip Analytics Version13.1.3
F5Big-ip Analytics Version13.1.4
F5Big-ip Analytics Version13.1.5
F5Big-ip Analytics Version14.1.0
F5Big-ip Analytics Version14.1.2
F5Big-ip Analytics Version14.1.3
F5Big-ip Analytics Version14.1.4
F5Big-ip Analytics Version15.1.0
F5Big-ip Analytics Version15.1.1
F5Big-ip Analytics Version15.1.2
F5Big-ip Analytics Version15.1.3
F5Big-ip Analytics Version15.1.4
F5Big-ip Analytics Version15.1.5
F5Big-ip Analytics Version16.1.0
F5Big-ip Analytics Version16.1.1
F5Big-ip Analytics Version16.1.2
F5Big-ip Analytics Version17.0.0
F5Big-ip Domain Name System Version13.1.0
F5Big-ip Domain Name System Version13.1.1
F5Big-ip Domain Name System Version13.1.3
F5Big-ip Domain Name System Version13.1.4
F5Big-ip Domain Name System Version13.1.5
F5Big-ip Domain Name System Version14.1.0
F5Big-ip Domain Name System Version14.1.2
F5Big-ip Domain Name System Version14.1.3
F5Big-ip Domain Name System Version14.1.4
F5Big-ip Domain Name System Version15.1.0
F5Big-ip Domain Name System Version15.1.1
F5Big-ip Domain Name System Version15.1.2
F5Big-ip Domain Name System Version15.1.3
F5Big-ip Domain Name System Version15.1.4
F5Big-ip Domain Name System Version15.1.5
F5Big-ip Domain Name System Version16.1.0
F5Big-ip Domain Name System Version16.1.1
F5Big-ip Domain Name System Version16.1.2
F5Big-ip Domain Name System Version17.0.0
F5Big-ip Global Traffic Manager Version13.1.0
F5Big-ip Global Traffic Manager Version13.1.1
F5Big-ip Global Traffic Manager Version13.1.3
F5Big-ip Global Traffic Manager Version13.1.4
F5Big-ip Global Traffic Manager Version13.1.5
F5Big-ip Global Traffic Manager Version14.1.0
F5Big-ip Global Traffic Manager Version14.1.2
F5Big-ip Global Traffic Manager Version14.1.3
F5Big-ip Global Traffic Manager Version14.1.4
F5Big-ip Global Traffic Manager Version15.1.0
F5Big-ip Global Traffic Manager Version15.1.1
F5Big-ip Global Traffic Manager Version15.1.2
F5Big-ip Global Traffic Manager Version15.1.3
F5Big-ip Global Traffic Manager Version15.1.4
F5Big-ip Global Traffic Manager Version15.1.5
F5Big-ip Global Traffic Manager Version16.1.0
F5Big-ip Global Traffic Manager Version16.1.1
F5Big-ip Global Traffic Manager Version16.1.2
F5Big-ip Global Traffic Manager Version17.0.0
F5Big-ip Link Controller Version13.1.0
F5Big-ip Link Controller Version13.1.1
F5Big-ip Link Controller Version13.1.3
F5Big-ip Link Controller Version13.1.4
F5Big-ip Link Controller Version13.1.5
F5Big-ip Link Controller Version14.1.0
F5Big-ip Link Controller Version14.1.2
F5Big-ip Link Controller Version14.1.3
F5Big-ip Link Controller Version14.1.4
F5Big-ip Link Controller Version15.1.0
F5Big-ip Link Controller Version15.1.1
F5Big-ip Link Controller Version15.1.2
F5Big-ip Link Controller Version15.1.3
F5Big-ip Link Controller Version15.1.4
F5Big-ip Link Controller Version15.1.5
F5Big-ip Link Controller Version16.1.0
F5Big-ip Link Controller Version16.1.1
F5Big-ip Link Controller Version16.1.2
F5Big-ip Link Controller Version17.0.0
F5Big-ip Local Traffic Manager Version13.1.0
F5Big-ip Local Traffic Manager Version13.1.1
F5Big-ip Local Traffic Manager Version13.1.3
F5Big-ip Local Traffic Manager Version13.1.4
F5Big-ip Local Traffic Manager Version13.1.5
F5Big-ip Local Traffic Manager Version14.1.0
F5Big-ip Local Traffic Manager Version14.1.2
F5Big-ip Local Traffic Manager Version14.1.3
F5Big-ip Local Traffic Manager Version14.1.4
F5Big-ip Local Traffic Manager Version15.1.0
F5Big-ip Local Traffic Manager Version15.1.1
F5Big-ip Local Traffic Manager Version15.1.2
F5Big-ip Local Traffic Manager Version15.1.3
F5Big-ip Local Traffic Manager Version15.1.4
F5Big-ip Local Traffic Manager Version15.1.5
F5Big-ip Local Traffic Manager Version16.1.0
F5Big-ip Local Traffic Manager Version16.1.1
F5Big-ip Local Traffic Manager Version16.1.2
F5Big-ip Local Traffic Manager Version17.0.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.9% 0.746
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
f5sirt@f5.com 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.