VDB
CVE-2022-28716
CVE-2022-28716
PUBLISHED
CVSS 7.5 HIGH
On 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x 11.6.x, a DOM-based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP AFM, CGNAT, and PEM Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
EPSS 0.74% · 73.2th percentile
Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.74%
73.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| f5 | big-ip_advanced_firewall_manager | 14.1.0, 16.1.0, 11.6.1 |
| f5 | big-ip_policy_enforcement_manager | 11.6.1, 16.1.0, 15.1.0 |
| f5 | big-ip_carrier-grade_nat | 13.1.0, 12.1.0, 14.1.0 |
| F5 | BIG-IP | 17.0.0, 12.1.x, * |
Timeline
- May 5, 2022 CVE Published
- May 6, 2022 EPSS Score
- Jun 24, 2022 EPSS Score
- Aug 14, 2022 EPSS Score
- Oct 2, 2022 EPSS Score
- Nov 21, 2022 EPSS Score
- Jan 9, 2023 EPSS Score
- Feb 27, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Jun 6, 2023 EPSS Score
- Jul 25, 2023 EPSS Score
- Sep 13, 2023 EPSS Score
References
- https://support.f5.com/csp/article/K54082580 advisory
- https://support.f5.com/csp/article/K41440465 advisory
- https://support.f5.com/csp/article/K21317311 advisory
- https://support.f5.com/csp/article/K31856317 advisory
- https://support.f5.com/csp/article/K14229426 advisory
- https://support.f5.com/csp/article/K23454411 advisory
- https://support.f5.com/csp/article/K71103363 advisory
- https://support.f5.com/csp/article/K06323049 advisory
- https://support.f5.com/csp/article/K49905324 advisory
- https://support.f5.com/csp/article/K39002226 advisory
- https://support.f5.com/csp/article/K93543114 advisory
- https://support.f5.com/csp/article/K25451853 advisory
- https://support.f5.com/csp/article/K24248011 advisory
- https://support.f5.com/csp/article/K54460845 advisory
- https://support.f5.com/csp/article/K51539421 advisory
- https://support.f5.com/csp/article/K92306170 advisory
- https://support.f5.com/csp/article/K37155600 advisory
- https://support.f5.com/csp/article/K64124988 advisory
- https://support.f5.com/csp/article/K17341495 advisory
- https://support.f5.com/csp/article/K38271531 advisory
…and 25 more