In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when a BIG-IP LTM Client SSL profile is configured on a virtual server to perform client certificate authentication with session tickets enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| F5 | BIG-IP | unaffected |
|
Configuration 1 [-]
|
No data.
No data.
Project Subscriptions
| Vendors | Products |
|---|---|
|
F5
Subscribe
|
Big-ip Access Policy Manager
Subscribe
Big-ip Advanced Firewall Manager
Subscribe
Big-ip Analytics
Subscribe
Big-ip Application Acceleration Manager
Subscribe
Big-ip Application Security Manager
Subscribe
Big-ip Domain Name System
Subscribe
Big-ip Fraud Protection Service
Subscribe
Big-ip Global Traffic Manager
Subscribe
Big-ip Link Controller
Subscribe
Big-ip Local Traffic Manager
Subscribe
Big-ip Policy Enforcement Manager
Subscribe
|
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2022-35527 | In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when a BIG-IP LTM Client SSL profile is configured on a virtual server to perform client certificate authentication with session tickets enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
| Link | Providers |
|---|---|
| https://support.f5.com/csp/article/K16852653 |
|
History
Mon, 16 Sep 2024 23:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when a BIG-IP LTM Client SSL profile is configured on a virtual server to perform client certificate authentication with session tickets enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when a BIG-IP LTM Client SSL profile is configured on a virtual server to perform client certificate authentication with session tickets enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: f5
Published:
Updated: 2024-09-16T23:20:29.620Z
Reserved: 2022-07-19T00:00:00
Link: CVE-2022-32455
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-08-04T18:15:09.707
Modified: 2024-11-21T07:06:23.073
Link: CVE-2022-32455
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses