Shodan
Vulnerabilities
Vulnerable Software
F5:  Security Vulnerabilities
CVE-2022-43285
Nginx NJS v0.7.4 was discovered to contain a segmentation violation in njs_promise_reaction_job. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input.
CVSS Score
7.5
EPSS Score
0.007
Published
2022-10-28
CVE-2022-43286
Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njs_json_parse_iterator_call at njs_json.c.
CVSS Score
9.8
EPSS Score
0.009
Published
2022-10-28
CVE-2022-41780
In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.4.0, a directory traversal vulnerability exists in an undisclosed location of the F5OS CLI that allows an attacker to read arbitrary files.
CVSS Score
5.5
EPSS Score
0.005
Published
2022-10-19
CVE-2022-41787
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when DNS profile is configured on a virtual server with DNS Express enabled, undisclosed DNS queries with DNSSEC can cause TMM to terminate.
CVSS Score
7.5
EPSS Score
0.006
Published
2022-10-19
CVE-2022-41806
In versions 16.1.x before 16.1.3.2 and 15.1.x before 15.1.5.1, when BIG-IP AFM Network Address Translation policy with IPv6/IPv4 translation rules is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization.
CVSS Score
7.5
EPSS Score
0.006
Published
2022-10-19
CVE-2022-41813
In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when BIG-IP is provisioned with PEM or AFM module, an undisclosed input can cause Traffic Management Microkernel (TMM) to terminate.
CVSS Score
6.5
EPSS Score
0.006
Published
2022-10-19
CVE-2022-41832
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when a SIP profile is configured on a virtual server, undisclosed messages can cause an increase in memory resource utilization.
CVSS Score
7.5
EPSS Score
0.006
Published
2022-10-19
CVE-2022-41833
In all BIG-IP 13.1.x versions, when an iRule containing the HTTP::collect command is configured on a virtual server, undisclosed requests can cause Traffic Management Microkernel (TMM) to terminate.
CVSS Score
7.5
EPSS Score
0.006
Published
2022-10-19
CVE-2022-41835
In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.5.0, excessive file permissions in F5OS allows an authenticated local attacker to execute limited set of commands in a container and impact the F5OS controller.
CVSS Score
7.3
EPSS Score
0.001
Published
2022-10-19
CVE-2022-41836
When an 'Attack Signature False Positive Mode' enabled security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate.
CVSS Score
7.5
EPSS Score
0.006
Published
2022-10-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved