What is the severity of F5-K000132665?

The severity of F5-K000132665 is critical due to the potential exposure of security-related headers.

How do I fix F5-K000132665?

To fix F5-K000132665, update your system to Apache HTTP Server version 2.4.55 or later.

Which products are affected by F5-K000132665?

F5-K000132665 affects versions of F5 BIG-IP, F5OS-A, F5OS-C, and Traffix SDC before specific versions as detailed in the advisory.

What are the risks associated with F5-K000132665?

The risks associated with F5-K000132665 include possible exposure of critical security headers in the response body to clients, compromising security.

How can I identify if I'm affected by F5-K000132665?

You can identify if you are affected by F5-K000132665 by checking the version of Apache HTTP Server and associated F5 products in use.

Vulnerability/
F5-K000132665

high

7.4

22/2/2023

14/2/2025

F5-K000132665

First published: Wed Feb 22 2023(Updated: )

Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.

Affected Software	Affected Version	How to fix
F5 BIG-IP and BIG-IQ Centralized Management	>=17.1.0<=17.1.2
F5 BIG-IP and BIG-IQ Centralized Management	>=16.1.0<=16.1.5
F5 BIG-IP and BIG-IQ Centralized Management	>=15.1.0<=15.1.10
F5 BIG-IP and BIG-IQ Centralized Management	>=14.1.0<=14.1.5
F5 BIG-IP and BIG-IQ Centralized Management	>=13.1.0<=13.1.5
F5 F5OS-A	>=1.3.0<=1.3.2
F5 F5OS-C	>=1.5.0<=1.5.1>=1.3.0<=1.3.2
F5 Traffix Systems Signaling Delivery Controller	=5.2.0

Never miss a vulnerability like this again

Reference Links

https://my.f5.com/manage/s/article/K000132665

Frequently Asked Questions

What is the severity of F5-K000132665?
The severity of F5-K000132665 is critical due to the potential exposure of security-related headers.
How do I fix F5-K000132665?
To fix F5-K000132665, update your system to Apache HTTP Server version 2.4.55 or later.
Which products are affected by F5-K000132665?
F5-K000132665 affects versions of F5 BIG-IP, F5OS-A, F5OS-C, and Traffix SDC before specific versions as detailed in the advisory.
What are the risks associated with F5-K000132665?
The risks associated with F5-K000132665 include possible exposure of critical security headers in the response body to clients, compromising security.
How can I identify if I'm affected by F5-K000132665?
You can identify if you are affected by F5-K000132665 by checking the version of Apache HTTP Server and associated F5 products in use.

agent/last-modified-date
agent/source
agent/severity
agent/references
agent/description
agent/type
agent/softwarecombine
agent/first-publish-date
agent/event
agent/tags
collector/f5-advisory
source/F5
alias/CVE-2022-37436
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/f5
canonical/f5 big-ip and big-iq centralized management
version/f5 big-ip and big-iq centralized management/17.1.0
version/f5 big-ip and big-iq centralized management/17.1.2
version/f5 big-ip and big-iq centralized management/16.1.0
version/f5 big-ip and big-iq centralized management/16.1.5
version/f5 big-ip and big-iq centralized management/15.1.0
version/f5 big-ip and big-iq centralized management/15.1.10
version/f5 big-ip and big-iq centralized management/14.1.0
version/f5 big-ip and big-iq centralized management/14.1.5
version/f5 big-ip and big-iq centralized management/13.1.0
version/f5 big-ip and big-iq centralized management/13.1.5
canonical/f5 f5os-a
version/f5 f5os-a/1.3.0
version/f5 f5os-a/1.3.2
canonical/f5 f5os-c
version/f5 f5os-c/1.5.0
version/f5 f5os-c/1.5.1
version/f5 f5os-c/1.3.0
version/f5 f5os-c/1.3.2
canonical/f5 traffix systems signaling delivery controller
version/f5 traffix systems signaling delivery controller/5.2.0