March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – Multiple F5 BIG-IP Vulnerabilities
August 4, 2022Rewterz Threat Advisory – CVE-2022-20869 – Cisco BroadWorks Application Delivery Platform Software Vulnerability
August 4, 2022Rewterz Threat Advisory – Multiple F5 BIG-IP Vulnerabilities
August 4, 2022Rewterz Threat Advisory – CVE-2022-20869 – Cisco BroadWorks Application Delivery Platform Software Vulnerability
August 4, 2022
Severity
High
Analysis Summary
CVE-2022-33203
F5 BIG-IP (APM and SSL Orchestrator) is vulnerable to a denial of service, caused by a flaw when access policy with Service Connect agent is configured on a virtual server. By sending specially-crafted requests, a remote attacker could exploit this vulnerability to cause an increase in memory resource utilization, and results in a denial of service condition.
Impact
- Denial of Serivce
Indicators Of Compromise
CVE
- CVE-2022-33203
Affected Vendors
- F5
Affected Products
- F5 BIG-IP (APM) 14.1.0
- F5 BIG-IP (APM) 15.1.0
- F5 BIG-IP (APM) 14.1.4
- F5 BIG-IP (APM) 16.1.0
- F5 BIG-IP (APM) 16.1.2
- F5 BIG-IP (APM) 15.1.6
- F5 BIG-IP (SSL Orchestrator) 14.1.0
- F5 BIG-IP (SSL Orchestrator) 14.1.4
- F5 BIG-IP (SSL Orchestrator) 15.1.0
- F5 BIG-IP (SSL Orchestrator) 15.1.6
- F5 BIG-IP (SSL Orchestrator) 16.1.0
- F5 BIG-IP (SSL Orchestrator) 16.1.2
Remediation
Refer to F5 Security Advisory for patch, upgrade or suggested workaround information.
F5 Security Advisory