On November 16, 2022, F5 announced the following issues. This document is intended to serve as an overview of these issues to help determine the impact to your F5 devices. You can find the details of each issue in the associated articles.
Distributed Cloud and Managed Services
Service | Status |
---|---|
F5 Distributed Cloud Services | Does not affect or has been resolved |
Silverline | Does not affect or has been resolved |
Threat Stack | Does not affect or has been resolved |
High CVEs
Article (CVE) | CVSS score | Affected products | Affected versions1 | Fixes introduced in |
---|---|---|---|---|
K94221585: iControl SOAP vulnerability CVE-2022-41622 | 8.8 | BIG-IP (all modules) | 17.0.0 | |
16.1.0 - 16.1.3 | ||||
15.1.0 - 15.1.8 | ||||
14.1.0 - 14.1.5 | ||||
13.1.0 - 13.1.5 | 17.0.0.2 | |||
16.1.3.3 | ||||
15.1.8.1 | ||||
14.1.5.3 | ||||
BIG-IQ Centralized Management | 8.0.0 - 8.2.0 | |||
7.1.0 | None | |||
K13325942: Appliance mode iControl REST vulnerability CVE-2022-41800 | 8.7 - Appliance mode only | BIG-IP (all modules) | 17.0.0 | |
16.1.0 - 16.1.3 | ||||
15.1.0 - 15.1.8 | ||||
14.1.0 - 14.1.5 | ||||
13.1.0 - 13.1.5 | 17.1.0 | |||
17.0.0.2 | ||||
16.1.3.3 | ||||
15.1.8.1 | ||||
14.1.5.3 |
1F5 evaluates only software versions that have not yet reached the End of Technical Support (EoTS) phase of their lifecycle.
Improvements
Article (Improvements) | Affected products | Affected versions1 | Fixes introduced in |
---|---|---|---|
K05403841: BIG-IP and BIG-IQ improvements disclosed by Rapid7 | BIG-IP (all modules) | 17.0.0 | |
16.1.0 - 16.1.3 | |||
15.1.0 - 15.1.8 | |||
14.1.0 - 14.1.5 | |||
13.1.0 - 13.1.5 | None | ||
BIG-IQ Centralized Management | 8.0.0 - 8.2.0 | ||
7.1.0 | None |
1F5 evaluates only software versions that have not yet reached the End of Technical Support (EoTS) phase of their lifecycle.