PT-2022-17652 · F5 · Big-Ip
Published
2022-05-05
·
Updated
2022-05-16
·
CVE-2022-26071
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
F5 BIG-IP versions prior to 16.1.2.2
F5 BIG-IP versions prior to 15.1.5.1
F5 BIG-IP versions prior to 14.1.4.6
F5 BIG-IP versions prior to 13.1.5
F5 BIG-IP versions 12.1.x
F5 BIG-IP versions 11.6.x
Description
A flaw in the Traffic Management Microkernel (TMM) allows an attacker to quickly scan open UDP ports by exploiting the way reply ICMP packets are limited. This issue enables an off-path remote attacker to bypass source port UDP randomization.
Recommendations
For versions prior to 16.1.2.2, update to version 16.1.2.2 or later.
For versions prior to 15.1.5.1, update to version 15.1.5.1 or later.
For versions prior to 14.1.4.6, update to version 14.1.4.6 or later.
For versions prior to 13.1.5, update to version 13.1.5 or later.
For versions 12.1.x and 11.6.x, consider disabling the Traffic Management Microkernel (TMM) or restricting its use until a patch is available, as these versions have reached End of Technical Support (EoTS).
Fix
Use of Insufficiently Random Values
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Big-Ip