Forum Discussion
THE_BLUE
Cirrostratus
CirrostratusCVE-2022-1388
| roduct | Branch | Versions known to be vulnerable1 | Fixes introduced in | Severity | CVSSv3 score2 | Vulnerable component or feature |
| BIG-IP (all modules) | 17.x | None | 17.0.0 | Critical | 9.8 | iControl REST |
| 16.x | 16.1.0 - 16.1.2 | 16.1.2.2 | ||||
| 15.x | 15.1.0 - 15.1.5 | 15.1.5.1 | ||||
| 14.x | 14.1.0 - 14.1.4 | 14.1.4.6 | ||||
| 13.x | 13.1.0 - 13.1.4 | 13.1.5 | ||||
| 12.x | 12.1.0 - 12.1.6 | Will not fix | ||||
| 11.x | 11.6.1 - 11.6.5 |
so if I'm running 14.1.2.1 , I'm effcted of this vulnerability?
Eveything from 14.1.0 to 14.1.4.x is vulnerable, up until 14.1.4.6, where the CVE has been fixed for the 14.1.x branch.
You can also simply upload a QKView to iHealth.
K27404821: Using F5 iHealth to diagnose vulnerabilities
AskF5 YouTube: Reviewing BIG-IP iHealth Diagnostics to determine potential system vulnerabilities
- nmb-AskF5
Employee
Eveything from 14.1.0 to 14.1.4.x is vulnerable, up until 14.1.4.6, where the CVE has been fixed for the 14.1.x branch.
You can also simply upload a QKView to iHealth.
K27404821: Using F5 iHealth to diagnose vulnerabilities
AskF5 YouTube: Reviewing BIG-IP iHealth Diagnostics to determine potential system vulnerabilities
- Lidev
MVP
Hi,
have you check the K article below ?
K51812227: Understanding security advisory versioning
THE_BLUEthank you, i will check.
RuthEasterNimbostratus
Thanks, I will also check those articles.
