VYPR
Unrated severityNVD Advisory· Published Oct 19, 2022· Updated May 8, 2025

BIG-IP software SYN cookies vulnerability CVE-2022-36795

CVE-2022-36795

Description

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, and 14.1.x before 14.1.5.1, when an LTM TCP profile with Auto Receive Window Enabled is configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connections.

Affected products

2
  • F5, Inc./Big IPllm-fuzzy2 versions
    17.0.x < 17.0.0.1, 16.1.x < 16.1.3.1, 15.1.x < 15.1.7, 14.1.x < 14.1.5.1+ 1 more
    • (no CPE)range: 17.0.x < 17.0.0.1, 16.1.x < 16.1.3.1, 15.1.x < 15.1.7, 14.1.x < 14.1.5.1
    • (no CPE)range: 17.0.x

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.