Description
In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when a BIG-IP LTM Client SSL profile is configured on a virtual server to perform client certificate authentication with session tickets enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| F5 | BIG-IP | unaffected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2022-35527 | In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when a BIG-IP LTM Client SSL profile is configured on a virtual server to perform client certificate authentication with session tickets enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
References
| Link | Providers |
|---|---|
| https://support.f5.com/csp/article/K16852653 |
|
History
Mon, 16 Sep 2024 23:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when a BIG-IP LTM Client SSL profile is configured on a virtual server to perform client certificate authentication with session tickets enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when a BIG-IP LTM Client SSL profile is configured on a virtual server to perform client certificate authentication with session tickets enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
Subscriptions
F5
Subscribe
Big-ip Access Policy Manager
Subscribe
Big-ip Advanced Firewall Manager
Subscribe
Big-ip Analytics
Subscribe
Big-ip Application Acceleration Manager
Subscribe
Big-ip Application Security Manager
Subscribe
Big-ip Domain Name System
Subscribe
Big-ip Fraud Protection Service
Subscribe
Big-ip Global Traffic Manager
Subscribe
Big-ip Link Controller
Subscribe
Big-ip Local Traffic Manager
Subscribe
Big-ip Policy Enforcement Manager
Subscribe
MITRE
Status: PUBLISHED
Assigner: f5
Published:
Updated: 2024-09-16T23:20:29.620Z
Reserved: 2022-07-19T00:00:00.000Z
Link: CVE-2022-32455
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-08-04T18:15:09.707
Modified: 2024-11-21T07:06:23.073
Link: CVE-2022-32455
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses