F5 Products Multiple Vulnerabilities
Release Date: 21 Oct 2022
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in F5 Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system.
Impact
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- BIG-IP (Advanced WAF, ASM)
- BIG-IP (AFM)
- BIG-IP (AFM, PEM)
- BIG-IP (all modules)
- BIG-IP (DNS, LTM enabled with DNS Services license)
- BIG-IQ Centralized Management
- F5OS-A
- F5OS-C
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
Vulnerability Identifier
- CVE-2021-40490
- CVE-2022-36795
- CVE-2022-38177
- CVE-2022-41617
- CVE-2022-41624
- CVE-2022-41691
- CVE-2022-41694
- CVE-2022-41741
- CVE-2022-41742
- CVE-2022-41743
- CVE-2022-41770
- CVE-2022-41780
- CVE-2022-41787
- CVE-2022-41806
- CVE-2022-41813
- CVE-2022-41832
- CVE-2022-41833
- CVE-2022-41835
- CVE-2022-41836
- CVE-2022-41983
沒有留言:
發佈留言