1. Home
  2. CVE Database
  3. CVE-2022-29480
MEDIUM · 5.3

CVE-2022-29480

On F5 BIG-IP 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when multiple route domains are configured, undisclosed requests to big3d can cause an increase in CPU resource uti...

Vulnerability Description

On F5 BIG-IP 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when multiple route domains are configured, undisclosed requests to big3d can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
LOW

Affected Products

VendorProductVersions
F5Big-Ip Access Policy Manager11.6.1
F5Big-Ip Advanced Firewall Manager11.6.1
F5Big-Ip Analytics11.6.1
F5Big-Ip Application Acceleration Manager11.6.1
F5Big-Ip Application Security Manager11.6.1
F5Big-Ip Domain Name System11.6.1
F5Big-Ip Fraud Protection Service11.6.1
F5Big-Ip Global Traffic Manager11.6.1
F5Big-Ip Link Controller11.6.1
F5Big-Ip Local Traffic Manager11.6.1
F5Big-Ip Policy Enforcement Manager11.6.1

Related Weaknesses (CWE)

CWE-400

References

FAQ

What is CVE-2022-29480?

CVE-2022-29480 is a vulnerability with a CVSS score of 5.3 (MEDIUM). On F5 BIG-IP 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when multiple route domains are configured, undisclosed requests to big3d can cause an increase in CPU resource uti...

How severe is CVE-2022-29480?

CVE-2022-29480 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-29480?

Check the references section above for vendor advisories and patch information. Affected products include: F5 Big-Ip Access Policy Manager, F5 Big-Ip Advanced Firewall Manager, F5 Big-Ip Analytics, F5 Big-Ip Application Acceleration Manager, F5 Big-Ip Application Security Manager.