Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
BIG-IP TMM Vulnerability CVE-2022-41983
Vulnerability Description
On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, while Intel QAT (QuickAssist Technology) and the AES-GCM/CCM cipher is in use, undisclosed conditions can cause BIG-IP to send data unencrypted even with an SSL Profile applied.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
敏感数据的明文传输
Vulnerability Title
F5 BIG-IP 安全漏洞
Vulnerability Description
F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。 F5 BIG-IP 存在安全漏洞,该漏洞源于其虽然使用了Intel QAT(QuickAssist技术)和AES-GCM/CCM密码,但未披露的条件可能导致BIG-IP发送未加密的数据(即使应用了SSL配置文件)。以下版本受到影响:16.1.3.1之前的16.1.x版本、15.1.7之前的15.1.x版本、14.1.5.1之前的14.1.x版本和13.1.x之前的所有版本。
CVSS Information
N/A
Vulnerability Type
N/A