Memory Resource Utilization Flaw in F5 BIG-IP and BIG-IQ Products
CVE-2022-23023

6.5MEDIUM

Key Information:

Vendor: F5
Status: Big-ip & Big-iq
Vendor: CVE Published:; 25 January 2022

What is CVE-2022-23023?

On certain versions of F5 Networks' BIG-IP and BIG-IQ products, an authenticated iControl REST user can inadvertently trigger an increase in memory resource utilization through undisclosed requests. This can lead to performance issues, making the systems more vulnerable to potential exploits. It's essential for users to ensure they are running supported versions as software versions reaching End of Technical Support (EoTS) are not examined for such vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

BIG-IP & BIG-IQ BIG-IP version 16.1.x before 16.1.2.1, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all versions of 13.1.x and 12.1.x, and BIG-IQ all versions of 8.x and 7.x

References

https://support.f5.com/csp/article/K11742742

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 25, 2022
Vulnerability Reserved
Jan 10, 2022

JSON

F5

What is CVE-2022-23023?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.