First published: Thu May 05 2022(Updated: )
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, when an Active mode-enabled FTP profile is configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing active FTP data channel connections. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Credit: f5sirt@f5.com
Affected Software | Affected Version | How to fix |
---|---|---|
F5 Access Policy Manager | =13.1.0 | |
F5 Access Policy Manager | =13.1.1 | |
F5 Access Policy Manager | =13.1.3 | |
F5 Access Policy Manager | =13.1.4 | |
F5 Access Policy Manager | =13.1.5 | |
F5 Access Policy Manager | =14.1.0 | |
F5 Access Policy Manager | =14.1.2 | |
F5 Access Policy Manager | =14.1.3 | |
F5 Access Policy Manager | =14.1.4 | |
F5 Access Policy Manager | =15.1.0 | |
F5 Access Policy Manager | =15.1.1 | |
F5 Access Policy Manager | =15.1.2 | |
F5 Access Policy Manager | =15.1.3 | |
F5 Access Policy Manager | =15.1.4 | |
F5 Access Policy Manager | =15.1.5 | |
F5 Access Policy Manager | =16.1.0 | |
F5 Access Policy Manager | =16.1.1 | |
F5 Access Policy Manager | =16.1.2 | |
F5 BIG-IP Advanced Firewall Manager | =13.1.0 | |
F5 BIG-IP Advanced Firewall Manager | =13.1.1 | |
F5 BIG-IP Advanced Firewall Manager | =13.1.3 | |
F5 BIG-IP Advanced Firewall Manager | =13.1.4 | |
F5 BIG-IP Advanced Firewall Manager | =13.1.5 | |
F5 BIG-IP Advanced Firewall Manager | =14.1.0 | |
F5 BIG-IP Advanced Firewall Manager | =14.1.2 | |
F5 BIG-IP Advanced Firewall Manager | =14.1.3 | |
F5 BIG-IP Advanced Firewall Manager | =14.1.4 | |
F5 BIG-IP Advanced Firewall Manager | =15.1.0 | |
F5 BIG-IP Advanced Firewall Manager | =15.1.1 | |
F5 BIG-IP Advanced Firewall Manager | =15.1.2 | |
F5 BIG-IP Advanced Firewall Manager | =15.1.3 | |
F5 BIG-IP Advanced Firewall Manager | =15.1.4 | |
F5 BIG-IP Advanced Firewall Manager | =15.1.5 | |
F5 BIG-IP Advanced Firewall Manager | =16.1.0 | |
F5 BIG-IP Advanced Firewall Manager | =16.1.1 | |
F5 BIG-IP Advanced Firewall Manager | =16.1.2 | |
F5 BIG-IP Analytics | =13.1.0 | |
F5 BIG-IP Analytics | =13.1.1 | |
F5 BIG-IP Analytics | =13.1.3 | |
F5 BIG-IP Analytics | =13.1.4 | |
F5 BIG-IP Analytics | =13.1.5 | |
F5 BIG-IP Analytics | =14.1.0 | |
F5 BIG-IP Analytics | =14.1.2 | |
F5 BIG-IP Analytics | =14.1.3 | |
F5 BIG-IP Analytics | =14.1.4 | |
F5 BIG-IP Analytics | =15.1.0 | |
F5 BIG-IP Analytics | =15.1.1 | |
F5 BIG-IP Analytics | =15.1.2 | |
F5 BIG-IP Analytics | =15.1.3 | |
F5 BIG-IP Analytics | =15.1.4 | |
F5 BIG-IP Analytics | =15.1.5 | |
F5 BIG-IP Analytics | =16.1.0 | |
F5 BIG-IP Analytics | =16.1.1 | |
F5 BIG-IP Analytics | =16.1.2 | |
F5 BIG-IP Application Acceleration Manager | =13.1.0 | |
F5 BIG-IP Application Acceleration Manager | =13.1.1 | |
F5 BIG-IP Application Acceleration Manager | =13.1.3 | |
F5 BIG-IP Application Acceleration Manager | =13.1.4 | |
F5 BIG-IP Application Acceleration Manager | =13.1.5 | |
F5 BIG-IP Application Acceleration Manager | =14.1.0 | |
F5 BIG-IP Application Acceleration Manager | =14.1.2 | |
F5 BIG-IP Application Acceleration Manager | =14.1.3 | |
F5 BIG-IP Application Acceleration Manager | =14.1.4 | |
F5 BIG-IP Application Acceleration Manager | =15.1.0 | |
F5 BIG-IP Application Acceleration Manager | =15.1.1 | |
F5 BIG-IP Application Acceleration Manager | =15.1.2 | |
F5 BIG-IP Application Acceleration Manager | =15.1.3 | |
F5 BIG-IP Application Acceleration Manager | =15.1.4 | |
F5 BIG-IP Application Acceleration Manager | =15.1.5 | |
F5 BIG-IP Application Acceleration Manager | =16.1.0 | |
F5 BIG-IP Application Acceleration Manager | =16.1.1 | |
F5 BIG-IP Application Acceleration Manager | =16.1.2 | |
F5 Application Security Manager | =13.1.0 | |
F5 Application Security Manager | =13.1.1 | |
F5 Application Security Manager | =13.1.3 | |
F5 Application Security Manager | =13.1.4 | |
F5 Application Security Manager | =13.1.5 | |
F5 Application Security Manager | =14.1.0 | |
F5 Application Security Manager | =14.1.2 | |
F5 Application Security Manager | =14.1.3 | |
F5 Application Security Manager | =14.1.4 | |
F5 Application Security Manager | =15.1.0 | |
F5 Application Security Manager | =15.1.1 | |
F5 Application Security Manager | =15.1.2 | |
F5 Application Security Manager | =15.1.3 | |
F5 Application Security Manager | =15.1.4 | |
F5 Application Security Manager | =15.1.5 | |
F5 Application Security Manager | =16.1.0 | |
F5 Application Security Manager | =16.1.1 | |
F5 Application Security Manager | =16.1.2 | |
F5 BIG-IP | =13.1.0 | |
F5 BIG-IP | =13.1.1 | |
F5 BIG-IP | =13.1.3 | |
F5 BIG-IP | =13.1.4 | |
F5 BIG-IP | =13.1.5 | |
F5 BIG-IP | =14.1.0 | |
F5 BIG-IP | =14.1.2 | |
F5 BIG-IP | =14.1.3 | |
F5 BIG-IP | =14.1.4 | |
F5 BIG-IP | =15.1.0 | |
F5 BIG-IP | =15.1.1 | |
F5 BIG-IP | =15.1.2 | |
F5 BIG-IP | =15.1.3 | |
F5 BIG-IP | =15.1.4 | |
F5 BIG-IP | =15.1.5 | |
F5 BIG-IP | =16.1.0 | |
F5 BIG-IP | =16.1.1 | |
F5 BIG-IP | =16.1.2 | |
F5 BIG-IP Fraud Protection Service | =13.1.0 | |
F5 BIG-IP Fraud Protection Service | =13.1.1 | |
F5 BIG-IP Fraud Protection Service | =13.1.3 | |
F5 BIG-IP Fraud Protection Service | =13.1.4 | |
F5 BIG-IP Fraud Protection Service | =13.1.5 | |
F5 BIG-IP Fraud Protection Service | =14.1.0 | |
F5 BIG-IP Fraud Protection Service | =14.1.2 | |
F5 BIG-IP Fraud Protection Service | =14.1.3 | |
F5 BIG-IP Fraud Protection Service | =14.1.4 | |
F5 BIG-IP Fraud Protection Service | =15.1.0 | |
F5 BIG-IP Fraud Protection Service | =15.1.1 | |
F5 BIG-IP Fraud Protection Service | =15.1.2 | |
F5 BIG-IP Fraud Protection Service | =15.1.3 | |
F5 BIG-IP Fraud Protection Service | =15.1.4 | |
F5 BIG-IP Fraud Protection Service | =15.1.5 | |
F5 BIG-IP Fraud Protection Service | =16.1.0 | |
F5 BIG-IP Fraud Protection Service | =16.1.1 | |
F5 BIG-IP Fraud Protection Service | =16.1.2 | |
Riverbed SteelApp Traffic Manager | =13.1.0 | |
Riverbed SteelApp Traffic Manager | =13.1.1 | |
Riverbed SteelApp Traffic Manager | =13.1.3 | |
Riverbed SteelApp Traffic Manager | =13.1.4 | |
Riverbed SteelApp Traffic Manager | =13.1.5 | |
Riverbed SteelApp Traffic Manager | =14.1.0 | |
Riverbed SteelApp Traffic Manager | =14.1.2 | |
Riverbed SteelApp Traffic Manager | =14.1.3 | |
Riverbed SteelApp Traffic Manager | =14.1.4 | |
Riverbed SteelApp Traffic Manager | =15.1.0 | |
Riverbed SteelApp Traffic Manager | =15.1.1 | |
Riverbed SteelApp Traffic Manager | =15.1.2 | |
Riverbed SteelApp Traffic Manager | =15.1.3 | |
Riverbed SteelApp Traffic Manager | =15.1.4 | |
Riverbed SteelApp Traffic Manager | =15.1.5 | |
Riverbed SteelApp Traffic Manager | =16.1.0 | |
Riverbed SteelApp Traffic Manager | =16.1.1 | |
Riverbed SteelApp Traffic Manager | =16.1.2 | |
F5 BIG-IP Link Controller | =13.1.0 | |
F5 BIG-IP Link Controller | =13.1.1 | |
F5 BIG-IP Link Controller | =13.1.3 | |
F5 BIG-IP Link Controller | =13.1.4 | |
F5 BIG-IP Link Controller | =13.1.5 | |
F5 BIG-IP Link Controller | =14.1.0 | |
F5 BIG-IP Link Controller | =14.1.2 | |
F5 BIG-IP Link Controller | =14.1.3 | |
F5 BIG-IP Link Controller | =14.1.4 | |
F5 BIG-IP Link Controller | =15.1.0 | |
F5 BIG-IP Link Controller | =15.1.1 | |
F5 BIG-IP Link Controller | =15.1.2 | |
F5 BIG-IP Link Controller | =15.1.3 | |
F5 BIG-IP Link Controller | =15.1.4 | |
F5 BIG-IP Link Controller | =15.1.5 | |
F5 BIG-IP Link Controller | =16.1.0 | |
F5 BIG-IP Link Controller | =16.1.1 | |
F5 BIG-IP Link Controller | =16.1.2 | |
Riverbed SteelApp Traffic Manager | =13.1.0 | |
Riverbed SteelApp Traffic Manager | =13.1.1 | |
Riverbed SteelApp Traffic Manager | =13.1.3 | |
Riverbed SteelApp Traffic Manager | =13.1.4 | |
Riverbed SteelApp Traffic Manager | =13.1.5 | |
Riverbed SteelApp Traffic Manager | =14.1.0 | |
Riverbed SteelApp Traffic Manager | =14.1.2 | |
Riverbed SteelApp Traffic Manager | =14.1.3 | |
Riverbed SteelApp Traffic Manager | =14.1.4 | |
Riverbed SteelApp Traffic Manager | =15.1.0 | |
Riverbed SteelApp Traffic Manager | =15.1.1 | |
Riverbed SteelApp Traffic Manager | =15.1.2 | |
Riverbed SteelApp Traffic Manager | =15.1.3 | |
Riverbed SteelApp Traffic Manager | =15.1.4 | |
Riverbed SteelApp Traffic Manager | =15.1.5 | |
Riverbed SteelApp Traffic Manager | =16.1.0 | |
Riverbed SteelApp Traffic Manager | =16.1.1 | |
Riverbed SteelApp Traffic Manager | =16.1.2 | |
F5 BIG-IP Policy Enforcement Manager | =13.1.0 | |
F5 BIG-IP Policy Enforcement Manager | =13.1.1 | |
F5 BIG-IP Policy Enforcement Manager | =13.1.3 | |
F5 BIG-IP Policy Enforcement Manager | =13.1.4 | |
F5 BIG-IP Policy Enforcement Manager | =13.1.5 | |
F5 BIG-IP Policy Enforcement Manager | =14.1.0 | |
F5 BIG-IP Policy Enforcement Manager | =14.1.2 | |
F5 BIG-IP Policy Enforcement Manager | =14.1.3 | |
F5 BIG-IP Policy Enforcement Manager | =14.1.4 | |
F5 BIG-IP Policy Enforcement Manager | =15.1.0 | |
F5 BIG-IP Policy Enforcement Manager | =15.1.1 | |
F5 BIG-IP Policy Enforcement Manager | =15.1.2 | |
F5 BIG-IP Policy Enforcement Manager | =15.1.3 | |
F5 BIG-IP Policy Enforcement Manager | =15.1.4 | |
F5 BIG-IP Policy Enforcement Manager | =15.1.5 | |
F5 BIG-IP Policy Enforcement Manager | =16.1.0 | |
F5 BIG-IP Policy Enforcement Manager | =16.1.1 | |
F5 BIG-IP Policy Enforcement Manager | =16.1.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2022-26130 is listed as high due to its potential to cause denial of service.
To mitigate CVE-2022-26130, upgrade your F5 BIG-IP software to the fixed versions 16.1.2.2, 15.1.5.1, 14.1.4.6, or 13.1.5.
CVE-2022-26130 affects F5 BIG-IP versions prior to 16.1.2.2, 15.1.5.1, 14.1.4.6, and 13.1.5.
CVE-2022-26130 can result in the affected virtual server ceasing to process traffic when exploited.
Disabling Active mode on the FTP profile can serve as a temporary workaround for CVE-2022-26130.