Lucene search
HistoryAug 04, 2022 - 6:15 p.m.
CVE-2022-33968
big-ip
vulnerability
ltm monitor
apm sso
buffer over-read
ntlm challenge-response
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
28.4%
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, when an LTM monitor or APM SSO is configured on a virtual server, and NTLM challenge-response is in use, undisclosed traffic can cause a buffer over-read. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Affected configurations
Node
f5big-ip_access_policy_managerRange13.1.0–13.1.5
ORf5big-ip_access_policy_managerRange14.1.0–14.1.5.1
ORf5big-ip_access_policy_managerRange15.1.0–15.1.6.1
ORf5big-ip_access_policy_managerRange16.1.0–16.1.3.1
ORf5big-ip_access_policy_managerMatch17.0.0
ORf5big-ip_advanced_firewall_managerRange13.1.0–13.1.5
ORf5big-ip_advanced_firewall_managerRange14.1.0–14.1.5.1
ORf5big-ip_advanced_firewall_managerRange15.1.0–15.1.6.1
ORf5big-ip_advanced_firewall_managerRange16.1.0–16.1.3.1
ORf5big-ip_advanced_firewall_managerMatch17.0.0
ORf5big-ip_analyticsRange13.1.0–13.1.5
ORf5big-ip_analyticsRange14.1.0–14.1.5.1
ORf5big-ip_analyticsRange15.1.0–15.1.6.1
ORf5big-ip_analyticsRange16.1.0–16.1.3.1
ORf5big-ip_analyticsMatch17.0.0
ORf5big-ip_application_acceleration_managerRange13.1.0–13.1.5
ORf5big-ip_application_acceleration_managerRange14.1.0–14.1.5.1
ORf5big-ip_application_acceleration_managerRange15.1.0–15.1.6.1
ORf5big-ip_application_acceleration_managerRange16.1.0–16.1.3.1
ORf5big-ip_application_acceleration_managerMatch17.0.0
ORf5big-ip_application_security_managerRange13.1.0–13.1.5
ORf5big-ip_application_security_managerRange14.1.0–14.1.5.1
ORf5big-ip_application_security_managerRange15.1.0–15.1.6.1
ORf5big-ip_application_security_managerRange16.1.0–16.1.3.1
ORf5big-ip_application_security_managerMatch17.0.0
ORf5big-ip_domain_name_systemRange13.1.0–13.1.5
ORf5big-ip_domain_name_systemRange14.1.0–14.1.5.1
ORf5big-ip_domain_name_systemRange15.1.0–15.1.6.1
ORf5big-ip_domain_name_systemRange16.1.0–16.1.3.1
ORf5big-ip_domain_name_systemMatch17.0.0
ORf5big-ip_fraud_protection_serviceRange13.1.0–13.1.5
ORf5big-ip_fraud_protection_serviceRange14.1.0–14.1.5.1
ORf5big-ip_fraud_protection_serviceRange15.1.0–15.1.6.1
ORf5big-ip_fraud_protection_serviceRange16.1.0–16.1.3.1
ORf5big-ip_fraud_protection_serviceMatch17.0.0
ORf5big-ip_global_traffic_managerRange13.1.0–13.1.5
ORf5big-ip_global_traffic_managerRange14.1.0–14.1.5.1
ORf5big-ip_global_traffic_managerRange15.1.0–15.1.6.1
ORf5big-ip_global_traffic_managerRange16.1.0–16.1.3.1
ORf5big-ip_global_traffic_managerMatch17.0.0
ORf5big-ip_link_controllerRange13.1.0–13.1.5
ORf5big-ip_link_controllerRange14.1.0–14.1.5.1
ORf5big-ip_link_controllerRange15.1.0–15.1.6.1
ORf5big-ip_link_controllerRange16.1.0–16.1.3.1
ORf5big-ip_link_controllerMatch17.0.0
ORf5big-ip_local_traffic_managerRange13.1.0–13.1.5
ORf5big-ip_local_traffic_managerRange14.1.0–14.1.5.1
ORf5big-ip_local_traffic_managerRange15.1.0–15.1.6.1
ORf5big-ip_local_traffic_managerRange16.1.0–16.1.3.1
ORf5big-ip_local_traffic_managerMatch17.0.0
ORf5big-ip_policy_enforcement_managerRange13.1.0–13.1.5
ORf5big-ip_policy_enforcement_managerRange14.1.0–14.1.5.1
ORf5big-ip_policy_enforcement_managerRange15.1.0–15.1.6.1
ORf5big-ip_policy_enforcement_managerRange16.1.0–16.1.3.1
ORf5big-ip_policy_enforcement_managerMatch17.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| f5 | big-ip_access_policy_manager | * | cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_access_policy_manager | 17.0.0 | cpe:2.3:a:f5:big-ip_access_policy_manager:17.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_advanced_firewall_manager | * | cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_advanced_firewall_manager | 17.0.0 | cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_analytics | * | cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* |
| f5 | big-ip_analytics | 17.0.0 | cpe:2.3:a:f5:big-ip_analytics:17.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_application_acceleration_manager | * | cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_application_acceleration_manager | 17.0.0 | cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_application_security_manager | * | cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_application_security_manager | 17.0.0 | cpe:2.3:a:f5:big-ip_application_security_manager:17.0.0:*:*:*:*:*:*:* |
References
Related
cve
cve
CVE-2022-33968
2022-08-04 18:15:09
f5
f5
K23465404 : BIG-IP LTM and APM NTLM vulnerability CVE-2022-33968
2022-08-03 00:00:00
K14649763 : Overview of F5 vulnerabilities (August 2022)
2022-08-03 00:00:00
cnvd
cnvd
F5 BIG-IP LTM and APM NTLM out-of-bounds read vulnerability
2022-08-03 00:00:00
nessus
nessus
F5 Networks BIG-IP : BIG-IP LTM and APM NTLM vulnerability (K23465404)
2022-08-03 00:00:00
prion
prion
Code injection
2022-08-04 18:15:00
cvelist
cvelist
CVE-2022-33968 BIG-IP LTM and APM NTLM vulnerability CVE-2022-33968
2022-08-04 17:47:03
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
28.4%
Related for NVD:CVE-2022-33968