Sign-up

ID

VAR-202205-0361


CVE

CVE-2022-28705


TITLE

plural  F5 Networks  Integer overflow vulnerability in product

Trust: 0.8

sources: JVNDB: JVNDB-2022-010095

DESCRIPTION

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, on platforms with an ePVA and the pva.fwdaccel BigDB variable enabled, undisclosed requests to a virtual server with a FastL4 profile that has ePVA acceleration enabled can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. plural F5 Networks The product contains an integer overflow vulnerability.Service operation interruption (DoS) It may be in a state. F5 BIG-IP is an application delivery platform of F5 that integrates functions such as network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. F5 BIG-IP has an input validation error vulnerability, which can be exploited by an attacker to cause a denial of service on the BIG-IP system

Trust: 1.8

sources: NVD: CVE-2022-28705 // JVNDB: JVNDB-2022-010095 // VULHUB: VHN-420242 // VULMON: CVE-2022-28705

AFFECTED PRODUCTS

vendor:f5model:big-ip global traffic managerscope:eqversion:14.1.4

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:14.1.2

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:15.1.3

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:15.1.5

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:15.1.3

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:15.1.5

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:13.1.4

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:16.1.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:13.1.4

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:16.1.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:16.1.2

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:15.1.1

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:17.0.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:16.1.2

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:15.1.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:14.1.2

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:15.1.3

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:15.1.5

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:14.1.4

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:14.1.2

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:15.1.2

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:13.1.4

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:17.0.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:16.1.2

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:15.1.3

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:15.1.5

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:17.0.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:15.1.3

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:15.1.5

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:13.1.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:13.1.4

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:13.1.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:15.1.4

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:13.1.4

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:16.1.2

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:15.1.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:16.1.2

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:16.1.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:14.1.4

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:15.1.4

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:14.1.4

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:13.1.1

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:13.1.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:14.1.2

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:14.1.3

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:15.1.3

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:15.1.5

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:17.0.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:13.1.4

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:14.1.3

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:14.1.2

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:16.1.2

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:15.1.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:16.1.1

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:14.1.3

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:14.1.3

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:15.1.2

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:15.1.3

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:15.1.5

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:14.1.4

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:16.1.1

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:15.1.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:13.1.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:16.1.1

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:15.1.4

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:15.1.3

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:15.1.5

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:14.1.4

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:14.1.3

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:13.1.4

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:15.1.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:15.1.3

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:15.1.5

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:16.1.2

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:13.1.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:15.1.3

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:15.1.5

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:13.1.4

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:14.1.3

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:13.1.4

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:16.1.2

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:15.1.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:15.1.2

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:15.1.2

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:14.1.2

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:16.1.2

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:15.1.1

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:13.1.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:17.0.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:16.1.1

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:15.1.2

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:15.1.4

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:13.1.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:14.1.3

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:13.1.1

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:15.1.2

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:15.1.2

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:15.1.3

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:15.1.5

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:14.1.4

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:14.1.3

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:13.1.4

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:14.1.2

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:15.1.4

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:14.1.2

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:16.1.2

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:15.1.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:14.1.3

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:17.0.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:17.0.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:15.1.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:17.0.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:13.1.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:15.1.2

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:14.1.2

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:13.1.5

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:14.1.4

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:17.0.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:14.1.4

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:17.0.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:13.1.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:15.1.4

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:16.1.1

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:15.1.4

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:14.1.3

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:14.1.4

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:15.1.4

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:14.1.4

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:15.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:16.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:15.1.2

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:14.1.2

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:13.1.4

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:17.0.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:15.1.1

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:15.1.4

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:15.1.2

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:16.1.2

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:15.1.2

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:16.1.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:16.1.1

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:14.1.2

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:13.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:14.1.3

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:15.1.4

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:15.1.4

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:eqversion:16.1.1

Trust: 1.0

vendor:f5model:big-ip analyticsscope: - version: -

Trust: 0.8

vendor:f5model:big-ip local traffic managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip application acceleration managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip application security managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip link controllerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip global traffic managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip domain name systemscope: - version: -

Trust: 0.8

vendor:f5model:big-ip advanced firewall managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip fraud protection servicescope: - version: -

Trust: 0.8

vendor:f5model:big-ip access policy managerscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-010095 // NVD: CVE-2022-28705

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-28705
value: HIGH

Trust: 1.0

f5sirt@f5.com: CVE-2022-28705
value: HIGH

Trust: 1.0

NVD: CVE-2022-28705
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202205-2049
value: HIGH

Trust: 0.6

VULHUB: VHN-420242
value: MEDIUM

Trust: 0.1

VULMON: CVE-2022-28705
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-28705
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-420242
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-28705
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

OTHER: JVNDB-2022-010095
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-420242 // VULMON: CVE-2022-28705 // JVNDB: JVNDB-2022-010095 // CNNVD: CNNVD-202205-2049 // NVD: CVE-2022-28705 // NVD: CVE-2022-28705

PROBLEMTYPE DATA

problemtype:CWE-190

Trust: 1.1

problemtype:Integer overflow or wraparound (CWE-190) [ others ]

Trust: 0.8

sources: VULHUB: VHN-420242 // JVNDB: JVNDB-2022-010095 // NVD: CVE-2022-28705

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202205-2049

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202205-2049

PATCH

title:K52340447url:https://support.f5.com/csp/article/K52340447

Trust: 0.8

title:F5 BIG-IP Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=191811

Trust: 0.6

sources: JVNDB: JVNDB-2022-010095 // CNNVD: CNNVD-202205-2049

EXTERNAL IDS

db:NVDid:CVE-2022-28705

Trust: 3.4

db:JVNDBid:JVNDB-2022-010095

Trust: 0.8

db:AUSCERTid:ESB-2022.2149

Trust: 0.6

db:CNNVDid:CNNVD-202205-2049

Trust: 0.6

db:CNVDid:CNVD-2022-77524

Trust: 0.1

db:VULHUBid:VHN-420242

Trust: 0.1

db:VULMONid:CVE-2022-28705

Trust: 0.1

sources: VULHUB: VHN-420242 // VULMON: CVE-2022-28705 // JVNDB: JVNDB-2022-010095 // CNNVD: CNNVD-202205-2049 // NVD: CVE-2022-28705

REFERENCES

url:https://support.f5.com/csp/article/k52340447

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-28705

Trust: 0.8

url:https://vigilance.fr/vulnerability/f5-big-ip-denial-of-service-via-epva-fastl4-profile-38222

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-28705/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2149

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/190.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-420242 // VULMON: CVE-2022-28705 // JVNDB: JVNDB-2022-010095 // CNNVD: CNNVD-202205-2049 // NVD: CVE-2022-28705

SOURCES

db:VULHUBid:VHN-420242
db:VULMONid:CVE-2022-28705
db:JVNDBid:JVNDB-2022-010095
db:CNNVDid:CNNVD-202205-2049
db:NVDid:CVE-2022-28705

LAST UPDATE DATE

2024-11-23T22:04:53.923000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-420242date:2022-05-12T00:00:00
db:VULMONid:CVE-2022-28705date:2022-05-12T00:00:00
db:JVNDBid:JVNDB-2022-010095date:2023-08-10T07:18:00
db:CNNVDid:CNNVD-202205-2049date:2022-05-13T00:00:00
db:NVDid:CVE-2022-28705date:2024-11-21T06:57:46.377

SOURCES RELEASE DATE

db:VULHUBid:VHN-420242date:2022-05-05T00:00:00
db:VULMONid:CVE-2022-28705date:2022-05-05T00:00:00
db:JVNDBid:JVNDB-2022-010095date:2023-08-10T00:00:00
db:CNNVDid:CNNVD-202205-2049date:2022-05-04T00:00:00
db:NVDid:CVE-2022-28705date:2022-05-05T17:15:14.433