Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2022-34865
PUBLISHED
More InfoOfficial Page
Assigner-f5
Assigner Org ID-9dacffd4-cb11-413f-8451-fbbfd4ddc0ab
View Known Exploited Vulnerability (KEV) details
Published At-04 Aug, 2022 | 17:48
Updated At-16 Sep, 2024 | 16:52
Rejected At-
▼CVE Numbering Authority (CNA)
Traffic intelligence feeds vulnerability CVE-2022-34865

In BIG-IP Versions 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, Traffic Intelligence feeds, which use HTTPS, do not verify the remote endpoint identity, allowing for potential data poisoning. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected Products
Vendor
F5, Inc.F5
Product
BIG-IP
Versions
Affected
  • From 13.1.0 before 13.1.x* (custom)
  • From 14.1.x before 14.1.5 (custom)
  • From 15.1.x before 15.1.6.1 (custom)
Unaffected
  • From 16.1.0 before 16.1.x* (custom)
  • From 17.0.0 before 17.0.x* (custom)
Problem Types
TypeCWE IDDescription
CWECWE-295CWE-295 Improper Certificate Validation
Type: CWE
CWE ID: CWE-295
Description: CWE-295 Improper Certificate Validation
Metrics
VersionBase scoreBase severityVector
3.14.8MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Version: 3.1
Base score: 4.8
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.f5.com/csp/article/K25046752
x_refsource_MISC
Hyperlink: https://support.f5.com/csp/article/K25046752
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.f5.com/csp/article/K25046752
x_refsource_MISC
x_transferred
Hyperlink: https://support.f5.com/csp/article/K25046752
Resource:
x_refsource_MISC
x_transferred
Details not found