March 22, 2024
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]
Rewterz Threat Advisory – Cisco Webex Meetings and Redundancy Configuration Manager Vulnerabilities
January 20, 2022
Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
January 20, 2022
Rewterz Threat Advisory – Cisco Webex Meetings and Redundancy Configuration Manager Vulnerabilities
January 20, 2022
Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
January 20, 2022
Severity
High
Analysis Summary
CVE-2022-23021
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when the HTTP redirect rule in an LTM policy, BIG-IP APM Access Profile, and Explicit HTTP Proxy in HTTP Profile configuration is configured on a virtual server. By sending specially-crafted requests, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate, and results in a denial of service condition.
CVE-2022-23020
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when the “Respond on Error” setting is enabled on the Request Logging profile and configured on a virtual server. By sending specially-crafted requests, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate, and results in a denial of service condition.
CVE-2022-23019
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when a message routing type virtual server is configured with both Diameter Session and Router Profiles. By sending specially-crafted traffic, a remote attacker could exploit this vulnerability to cause an increase in memory resource utilization, and results in a denial of service condition.
CVE-2022-23018
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when a virtual server is configured with both HTTP protocol security and HTTP Proxy Connect profiles. By sending specially-crafted requests, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate, and results in a denial of service condition.
CVE-2022-23017
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when a virtual server is configured with a DNS profile with the Rapid Response Mode setting enabled. By sending specially-crafted requests, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate, and results in a denial of service condition.
CVE-2022-23016
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when SSL Forward Proxy with TLS 1.3 is configured on a virtual server. By sending specially-crafted requests, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate, and results in a denial of service condition.
CVE-2022-23015
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when a Client SSL profile is configured on a virtual server with Client Certificate Authentication set to request/require and Session Ticket enabled and configured. By sending specially-crafted SSL traffic, a remote attacker could exploit this vulnerability to cause an increase in memory resource utilization, and results in a denial of service condition.
CVE-2022-23014
F5 BIG-IP (APM) is vulnerable to a denial of service, caused by a flaw when the Hportal access is configured on a virtual server. By sending specially-crafted requests, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate, and results in a denial of service condition.
CVE-2022-23013
F5 BIG-IP (DNS, GTM) is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Configuration utility. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2022-23012
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when the HTTP/2 profile is configured on a virtual server. By sending specially-crafted requests, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate, and results in a denial of service condition.
Impact
- Denial of Service
- Cross-Site Scripting
Affected Vendors
F5
Affected Products
- F5 BIG-IP 16.1.0
- F5 BIG-IP 16.1.1
- F5 BIG-IP 12.1.0
- F5 BIG-IP 13.1.0
- F5 BIG-IP 15.1.0
- F5 BIG-IP 14.1.0
- F5 BIG-IP (AFM) 12.1.6
- F5 BIG-IP (AFM) 16.0.0
- F5 BIG-IP (AFM) 16.0.1
- F5 BIG-IP (AFM) 16.1.0
- F5 BIG-IP (APM) 15.1.0
- F5 BIG-IP (APM) 15.1.4
- F5 BIG-IP (APM) 16.1.0
- F5 BIG-IP (APM) 16.1.1
- F5 BIG-IP (DNS) 11.6.1
- F5 BIG-IP (DNS) 11.6.5
- F5 BIG-IP (DNS) 12.1.0
- F5 BIG-IP (DNS) 13.1.0
Remediation
Refer to F5 Security Advisory for patch, upgrade or suggested workaround information.
CVE-2022-23021
CVE-2022-23020
CVE-2022-23019
CVE-2022-23018
CVE-2022-23017
CVE-2022-23016
CVE-2022-23015
CVE-2022-23014
CVE-2022-23013
CVE-2022-23012