Severity
High
Analysis Summary
CVE-2022-35245
F5 BIG-IP (APM) is vulnerable to a denial of service, caused by a flaw when access policy is configured on a virtual server. By sending a specially-crafted traffic, a remote attacker could exploit this vulnerability to cause Traffic Management Microkernel (TMM) to terminate, and results in a denial of service condition.
Impact
- Denial of Serivce
Indicators Of Compromise
CVE
- CVE-2022-35245
Affected Vendors
- F5
Affected Products
- F5 BIG-IP (APM) 14.1.0
- F5 BIG-IP (APM) 15.1.0
- F5 BIG-IP (APM) 16.1.0
- F5 BIG-IP (APM) 15.1.6
- F5 BIG-IP (APM) 14.1.5
- F5 BIG-IP (APM) 16.1.3
Remediation
Refer to F5 Security Advisory for patch, upgrade or suggested workaround information.