First published: Wed Feb 01 2023(Updated: )
On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP AFM NAT policy with a destination NAT rule is configured on a FastL4 virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Credit: f5sirt@f5.com
Affected Software | Affected Version | How to fix |
---|---|---|
F5 BIG-IP Advanced Firewall Manager | >=13.1.0<=13.1.5 | |
F5 BIG-IP Advanced Firewall Manager | >=14.1.0<14.1.5.3 | |
F5 BIG-IP Advanced Firewall Manager | >=15.1.0<15.1.8 | |
F5 BIG-IP Advanced Firewall Manager | >=16.1.0<16.1.3.3 | |
F5 BIG-IP Advanced Firewall Manager | >=17.0.0<17.0.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-22281 is a vulnerability that affects F5 Big-ip Advanced Firewall Manager (AFM) versions 13.1.x, 14.1.x, 15.1.x, 16.1.x, and 17.0.x before certain patch versions.
CVE-2023-22281 has a severity rating of 7.5 out of 10, which is considered high.
CVE-2023-22281 affects F5 Big-ip Advanced Firewall Manager (AFM) versions 13.1.x, 14.1.x, 15.1.x, 16.1.x, and 17.0.x before certain patch versions.
To fix CVE-2023-22281, you need to apply the recommended patches and updates provided by F5 Networks. Make sure you update to the appropriate patched versions for your F5 Big-ip Advanced Firewall Manager (AFM) installation.
You can find more information about CVE-2023-22281 on the F5 Networks website at https://my.f5.com/manage/s/article/K46048342.