PT-2022-15794 · F5 · Big-Ip Afm
Published
2022-01-25
·
Updated
2022-02-01
·
CVE-2022-23028
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
BIG-IP AFM versions 13.1.x
BIG-IP AFM versions 14.1.x through 14.1.4.4
BIG-IP AFM versions 15.1.x through 15.1.4
BIG-IP AFM versions 16.x through 16.0.x
Description
When global AFM SYN cookie protection is activated in the AFM Device Dos or DOS profile, certain types of TCP connections will fail.
Recommendations
For BIG-IP AFM version 13.1.x, there is no information about a newer version that contains a fix for this issue.
For BIG-IP AFM versions 14.1.x through 14.1.4.4, update to version 14.1.4.5 or later.
For BIG-IP AFM versions 15.1.x through 15.1.4, update to version 15.1.5 or later.
For BIG-IP AFM versions 16.x through 16.0.x, update to version 16.1.0 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Big-Ip Afm