CVE-2022-34844 | ByteOS Network

Vulnerability Details :

CVE-2022-34844

Assigner-f5

Assigner Org ID-9dacffd4-cb11-413f-8451-fbbfd4ddc0ab

Published At-04 Aug, 2022 | 17:47

Updated At-16 Sep, 2024 | 20:58

BIG-IP and BIG-IQ AWS vulnerability CVE-2022-34844

In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, and all versions of BIG-IQ 8.x, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP or BIG-IQ on Amazon Web Services (AWS) systems, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Successful exploitation relies on conditions outside of the attacker's control. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

EPSS History

Score

Latest Score

-

N/A

Percentile

Latest Percentile

-

N/A

▼Common Vulnerabilities and Exposures (CVE)

Assigner:f5

Assigner Org ID:9dacffd4-cb11-413f-8451-fbbfd4ddc0ab

Published At:04 Aug, 2022 | 17:47

Updated At:16 Sep, 2024 | 20:58

▼CVE Numbering Authority (CNA)

BIG-IP and BIG-IQ AWS vulnerability CVE-2022-34844

In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, and all versions of BIG-IQ 8.x, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP or BIG-IQ on Amazon Web Services (AWS) systems, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Successful exploitation relies on conditions outside of the attacker's control. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected Products

Vendor

Product

Versions

Affected

From 15.1.x before 15.1.6.1 (custom)
From 16.1.x before 16.1.3.1 (custom)

Unaffected

From 13.1.0 before 13.1.x* (custom)
From 14.1.0 before 14.1.x* (custom)
From 17.0.0 before 17.0.x* (custom)

Vendor

Product

BIG-IQ Centralized Management

Versions

Affected

From 8.0.0 before 8.x* (custom)

Unaffected

From 7.0.0 before 7.x* (custom)

Problem Types

Type	CWE ID	Description
CWE	CWE-20	CWE-20 Improper Input Validation

Type: CWE

CWE ID: CWE-20

Description: CWE-20 Improper Input Validation

Metrics

Version	Base score	Base severity	Vector
3.1	5.9	MEDIUM	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Version: 3.1

Base score: 5.9

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References

Hyperlink	Resource
https://support.f5.com/csp/article/K34511555	x_refsource_MISC

Hyperlink: https://support.f5.com/csp/article/K34511555

Resource:

x_refsource_MISC

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://support.f5.com/csp/article/K34511555	x_refsource_MISC x_transferred

Hyperlink: https://support.f5.com/csp/article/K34511555

Resource:

x_refsource_MISC

x_transferred

▼National Vulnerability Database (NVD)

Source:f5sirt@f5.com

Published At:04 Aug, 2022 | 18:15

Updated At:10 Aug, 2022 | 23:46

In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, and all versions of BIG-IQ 8.x, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP or BIG-IQ on Amazon Web Services (AWS) systems, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Successful exploitation relies on conditions outside of the attacker's control. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary	3.1	5.9	MEDIUM	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Type: Primary

Version: 3.1

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Type: Secondary

Version: 3.1

Base score: 5.9

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CPE Matches

>>big-ip_access_policy_manager>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)

cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*

>>big-ip_access_policy_manager>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)

cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*

>>big-ip_advanced_firewall_manager>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*

>>big-ip_advanced_firewall_manager>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*

>>big-ip_analytics>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)

cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*

>>big-ip_analytics>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)

cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*

>>big-ip_application_acceleration_manager>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)

cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*

>>big-ip_application_acceleration_manager>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)

cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*

>>big-ip_application_security_manager>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)

cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*

>>big-ip_application_security_manager>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)

cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*

>>big-ip_domain_name_system>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)

cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*

>>big-ip_domain_name_system>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)

cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*

>>big-ip_fraud_protection_service>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)

cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*

>>big-ip_fraud_protection_service>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)

cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*

>>big-ip_global_traffic_manager>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)

cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_global_traffic_manager>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)

cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_link_controller>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)

cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*

>>big-ip_link_controller>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)

cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*

>>big-ip_local_traffic_manager>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)

cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_local_traffic_manager>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)

cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_policy_enforcement_manager>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*

>>big-ip_policy_enforcement_manager>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*

>>big-iq_centralized_management>>7.0.0

cpe:2.3:a:f5:big-iq_centralized_management:7.0.0:*:*:*:*:*:*:*

>>big-iq_centralized_management>>7.1.0

cpe:2.3:a:f5:big-iq_centralized_management:7.1.0:*:*:*:*:*:*:*

>>big-iq_centralized_management>>8.0.0

cpe:2.3:a:f5:big-iq_centralized_management:8.0.0:*:*:*:*:*:*:*

>>big-iq_centralized_management>>8.1.0

cpe:2.3:a:f5:big-iq_centralized_management:8.1.0:*:*:*:*:*:*:*

>>big-iq_centralized_management>>8.2.0

cpe:2.3:a:f5:big-iq_centralized_management:8.2.0:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-noinfo	Primary	nvd@nist.gov
CWE-20	Secondary	f5sirt@f5.com

CWE ID: NVD-CWE-noinfo

Type: Primary

Source: nvd@nist.gov

CWE ID: CWE-20

Type: Secondary

Source: f5sirt@f5.com

References

Hyperlink	Source	Resource
https://support.f5.com/csp/article/K34511555	f5sirt@f5.com	Vendor Advisory

Hyperlink: https://support.f5.com/csp/article/K34511555

Source: f5sirt@f5.com

Resource:

Vendor Advisory