PT-2022-18273 · F5 · F5 Big-Ip

Published

2022-05-05

Updated

2022-05-13

CVE-2022-27182

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 16.1.2.2 F5 BIG-IP versions prior to 15.1.5.1 F5 BIG-IP versions prior to 14.1.4.6

Description The issue affects F5 BIG-IP when packet filters are enabled and a virtual server is configured with the type set to Reject. In this scenario, undisclosed requests can cause an increase in memory resource utilization.

Recommendations For versions prior to 16.1.2.2, update to version 16.1.2.2 or later to resolve the issue. For versions prior to 15.1.5.1, update to version 15.1.5.1 or later to resolve the issue. For versions prior to 14.1.4.6, update to version 14.1.4.6 or later to resolve the issue.

Fix

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

CVE-2022-27182

Affected Products

F5 Big-Ip

PT-2022-18273 · F5 · F5 Big-Ip

CVE-2022-27182

Weakness Enumeration

Related Identifiers

Affected Products

References · 3