CVE-2022-33962: BIG-IP iRule vulnerability CVE-2022-33962
First published: Thu Aug 04 2022(Updated: )
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, certain iRules commands may allow an attacker to bypass the access control restrictions for a self IP address, regardless of the port lockdown settings. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Credit: f5sirt@f5.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 Access Policy Manager | >=13.1.0<=13.1.5 | |
| F5 Access Policy Manager | >=14.1.0<14.1.5.1 | |
| F5 Access Policy Manager | >=15.1.0<15.1.6.1 | |
| F5 Access Policy Manager | >=16.1.0<16.1.3.1 | |
| F5 Access Policy Manager | =17.0.0 | |
| F5 BIG-IP Advanced Firewall Manager | >=13.1.0<=13.1.5 | |
| F5 BIG-IP Advanced Firewall Manager | >=14.1.0<14.1.5.1 | |
| F5 BIG-IP Advanced Firewall Manager | >=15.1.0<15.1.6.1 | |
| F5 BIG-IP Advanced Firewall Manager | >=16.1.0<16.1.3.1 | |
| F5 BIG-IP Advanced Firewall Manager | =17.0.0 | |
| F5 BIG-IP Analytics | >=13.1.0<=13.1.5 | |
| F5 BIG-IP Analytics | >=14.1.0<14.1.5.1 | |
| F5 BIG-IP Analytics | >=15.1.0<15.1.6.1 | |
| F5 BIG-IP Analytics | >=16.1.0<16.1.3.1 | |
| F5 BIG-IP Analytics | =17.0.0 | |
| F5 BIG-IP Application Acceleration Manager | >=13.1.0<=13.1.5 | |
| F5 BIG-IP Application Acceleration Manager | >=14.1.0<14.1.5.1 | |
| F5 BIG-IP Application Acceleration Manager | >=15.1.0<15.1.6.1 | |
| F5 BIG-IP Application Acceleration Manager | >=16.1.0<16.1.3.1 | |
| F5 BIG-IP Application Acceleration Manager | =17.0.0 | |
| F5 Application Security Manager | >=13.1.0<=13.1.5 | |
| F5 Application Security Manager | >=14.1.0<14.1.5.1 | |
| F5 Application Security Manager | >=15.1.0<15.1.6.1 | |
| F5 Application Security Manager | >=16.1.0<16.1.3.1 | |
| F5 Application Security Manager | =17.0.0 | |
| F5 BIG-IP | >=13.1.0<=13.1.5 | |
| F5 BIG-IP | >=14.1.0<14.1.5.1 | |
| F5 BIG-IP | >=15.1.0<15.1.6.1 | |
| F5 BIG-IP | >=16.1.0<16.1.3.1 | |
| F5 BIG-IP | =17.0.0 | |
| F5 BIG-IP Fraud Protection Service | >=13.1.0<=13.1.5 | |
| F5 BIG-IP Fraud Protection Service | >=14.1.0<14.1.5.1 | |
| F5 BIG-IP Fraud Protection Service | >=15.1.0<15.1.6.1 | |
| F5 BIG-IP Fraud Protection Service | >=16.1.0<16.1.3.1 | |
| F5 BIG-IP Fraud Protection Service | =17.0.0 | |
| Riverbed SteelApp Traffic Manager | >=13.1.0<=13.1.5 | |
| Riverbed SteelApp Traffic Manager | >=14.1.0<14.1.5.1 | |
| Riverbed SteelApp Traffic Manager | >=15.1.0<15.1.6.1 | |
| Riverbed SteelApp Traffic Manager | >=16.1.0<16.1.3.1 | |
| Riverbed SteelApp Traffic Manager | =17.0.0 | |
| F5 BIG-IP Link Controller | >=13.1.0<=13.1.5 | |
| F5 BIG-IP Link Controller | >=14.1.0<14.1.5.1 | |
| F5 BIG-IP Link Controller | >=15.1.0<15.1.6.1 | |
| F5 BIG-IP Link Controller | >=16.1.0<16.1.3.1 | |
| F5 BIG-IP Link Controller | =17.0.0 | |
| Riverbed SteelApp Traffic Manager | >=13.1.0<=13.1.5 | |
| Riverbed SteelApp Traffic Manager | >=14.1.0<14.1.5.1 | |
| Riverbed SteelApp Traffic Manager | >=15.1.0<15.1.6.1 | |
| Riverbed SteelApp Traffic Manager | >=16.1.0<16.1.3.1 | |
| Riverbed SteelApp Traffic Manager | =17.0.0 | |
| F5 BIG-IP Policy Enforcement Manager | >=13.1.0<=13.1.5 | |
| F5 BIG-IP Policy Enforcement Manager | >=14.1.0<14.1.5.1 | |
| F5 BIG-IP Policy Enforcement Manager | >=15.1.0<15.1.6.1 | |
| F5 BIG-IP Policy Enforcement Manager | >=16.1.0<16.1.3.1 | |
| F5 BIG-IP Policy Enforcement Manager | =17.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-33962?
The severity of CVE-2022-33962 is considered high due to potential access control bypass.
How do I fix CVE-2022-33962?
To fix CVE-2022-33962, upgrade to the patched versions 17.0.0.1, 16.1.3.1, 15.1.6.1, or 14.1.5.1 depending on your current version.
What software is affected by CVE-2022-33962?
CVE-2022-33962 affects multiple versions of F5 BIG-IP products, including Access Policy Manager and Application Security Manager.
What impact does CVE-2022-33962 have?
CVE-2022-33962 allows attackers to potentially bypass access control restrictions to certain self IP addresses.
Is there a workaround for CVE-2022-33962?
There is no official workaround for CVE-2022-33962 other than upgrading to a fixed version.
- agent/type
- agent/author
- agent/description
- agent/weakness
- agent/title
- agent/severity
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/f5
- canonical/f5 access policy manager
- version/f5 access policy manager/13.1.0
- version/f5 access policy manager/13.1.5
- version/f5 access policy manager/14.1.0
- version/f5 access policy manager/15.1.0
- version/f5 access policy manager/16.1.0
- version/f5 access policy manager/17.0.0
- canonical/f5 big-ip advanced firewall manager
- version/f5 big-ip advanced firewall manager/13.1.0
- version/f5 big-ip advanced firewall manager/13.1.5
- version/f5 big-ip advanced firewall manager/14.1.0
- version/f5 big-ip advanced firewall manager/15.1.0
- version/f5 big-ip advanced firewall manager/16.1.0
- version/f5 big-ip advanced firewall manager/17.0.0
- canonical/f5 big-ip analytics
- version/f5 big-ip analytics/13.1.0
- version/f5 big-ip analytics/13.1.5
- version/f5 big-ip analytics/14.1.0
- version/f5 big-ip analytics/15.1.0
- version/f5 big-ip analytics/16.1.0
- version/f5 big-ip analytics/17.0.0
- canonical/f5 big-ip application acceleration manager
- version/f5 big-ip application acceleration manager/13.1.0
- version/f5 big-ip application acceleration manager/13.1.5
- version/f5 big-ip application acceleration manager/14.1.0
- version/f5 big-ip application acceleration manager/15.1.0
- version/f5 big-ip application acceleration manager/16.1.0
- version/f5 big-ip application acceleration manager/17.0.0
- canonical/f5 application security manager
- version/f5 application security manager/13.1.0
- version/f5 application security manager/13.1.5
- version/f5 application security manager/14.1.0
- version/f5 application security manager/15.1.0
- version/f5 application security manager/16.1.0
- version/f5 application security manager/17.0.0
- canonical/f5 big-ip
- version/f5 big-ip/13.1.0
- version/f5 big-ip/13.1.5
- version/f5 big-ip/14.1.0
- version/f5 big-ip/15.1.0
- version/f5 big-ip/16.1.0
- version/f5 big-ip/17.0.0
- canonical/f5 big-ip fraud protection service
- version/f5 big-ip fraud protection service/13.1.0
- version/f5 big-ip fraud protection service/13.1.5
- version/f5 big-ip fraud protection service/14.1.0
- version/f5 big-ip fraud protection service/15.1.0
- version/f5 big-ip fraud protection service/16.1.0
- version/f5 big-ip fraud protection service/17.0.0
- canonical/riverbed steelapp traffic manager
- version/riverbed steelapp traffic manager/13.1.0
- version/riverbed steelapp traffic manager/13.1.5
- version/riverbed steelapp traffic manager/14.1.0
- version/riverbed steelapp traffic manager/15.1.0
- version/riverbed steelapp traffic manager/16.1.0
- version/riverbed steelapp traffic manager/17.0.0
- canonical/f5 big-ip link controller
- version/f5 big-ip link controller/13.1.0
- version/f5 big-ip link controller/13.1.5
- version/f5 big-ip link controller/14.1.0
- version/f5 big-ip link controller/15.1.0
- version/f5 big-ip link controller/16.1.0
- version/f5 big-ip link controller/17.0.0
- canonical/f5 big-ip policy enforcement manager
- version/f5 big-ip policy enforcement manager/13.1.0
- version/f5 big-ip policy enforcement manager/13.1.5
- version/f5 big-ip policy enforcement manager/14.1.0
- version/f5 big-ip policy enforcement manager/15.1.0
- version/f5 big-ip policy enforcement manager/16.1.0
- version/f5 big-ip policy enforcement manager/17.0.0