BIG-IP Advanced WAF/ASM bd vulnerability CVE-2022-41691
CVE-2022-41691
7.5HIGH
Summary
When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate.
Affected Version(s)
BIG-IP Advanced WAF & ASM 14.1.x < 14.1.5.2
BIG-IP Advanced WAF & ASM 17.0.0 < 17.0.x*
BIG-IP Advanced WAF & ASM 16.1.x
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
This issue was discovered internally by F5.