Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2022-41787
PUBLISHED
More InfoOfficial Page
Assigner-f5
Assigner Org ID-9dacffd4-cb11-413f-8451-fbbfd4ddc0ab
View Known Exploited Vulnerability (KEV) details
Published At-19 Oct, 2022 | 21:22
Updated At-06 May, 2025 | 18:52
Rejected At-
▼CVE Numbering Authority (CNA)
BIG-IP DNS Express vulnerability CVE-2022-41787

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when DNS profile is configured on a virtual server with DNS Express enabled, undisclosed DNS queries with DNSSEC can cause TMM to terminate.

Affected Products
Vendor
F5, Inc.F5
Product
BIG-IP DNS
Versions
Affected
  • From 17.0.x before 17.0.0.1 (custom)
  • From 16.1.x before 16.1.3.1 (custom)
  • From 15.1.x before 15.1.6.1 (custom)
  • From 14.1.x before 14.1.5.1 (custom)
  • From 13.1.x before 13.1.5.1 (custom)
Vendor
F5, Inc.F5
Product
BIG-IP LTM
Versions
Affected
  • From 17.0.x before 17.0.0.1 (custom)
  • From 16.1.x before 16.1.3.1 (custom)
  • From 15.1.x before 15.1.6.1 (custom)
  • From 14.1.x before 14.1.5.1 (custom)
  • From 13.1.x before 13.1.5.1 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-476CWE-476 NULL Pointer Dereference
Type: CWE
CWE ID: CWE-476
Description: CWE-476 NULL Pointer Dereference
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
This issue was discovered internally by F5.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.f5.com/csp/article/K70569537
N/A
Hyperlink: https://support.f5.com/csp/article/K70569537
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.f5.com/csp/article/K70569537
x_transferred
Hyperlink: https://support.f5.com/csp/article/K70569537
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found