CVE-2022-23028 Information
Jun 07, 2022
cve
Description
On BIG-IP AFM version 16.x before 16.1.0 15.1.x before 15.1.5 14.1.x before 14.1.4.5 and all versions of 13.1.x when global AFM SYN cookie protection (TCP Half Open flood vector) is activated in the AFM Device Dos or DOS profile certain types of TCP connections will fail. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Reference
https://support.f5.com/csp/article/K16101409
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
NONE
Base Score
LOW
Base Severity
5.3
Share on: