CVE-2022-33968

MEDIUM Year: 2022
CVSS v3 Score
4.9
Medium
Weakness Type
CWE-125
View all →

Vulnerability Description

In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, when an LTM monitor or APM SSO is configured on a virtual server, and NTLM challenge-response is in use, undisclosed traffic can cause a buffer over-read. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Related Vulnerabilities

CVE-2018-17206

MEDIUM
CVSS:4.9(Medium)

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding.

CWE-1252018

CVE-2019-9431

MEDIUM
CVSS:4.9(Medium)

In Bluetooth, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with heap information written to the log with System execution privileges...

CWE-1252019

CVE-2019-9434

MEDIUM
CVSS:4.9(Medium)

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with heap information written to the log with System execution priv...

CWE-1252019

CVE-2020-0157

MEDIUM
CVSS:4.9(Medium)

In nfa_hci_conn_cback of nfa_hci_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure via compromised device firmware with Sy...

CWE-1252020

CVE-2020-0348

MEDIUM
CVSS:4.9(Medium)

In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with System execution privileges needed. User interaction is not...

CWE-1252020

CVE-2021-0660

MEDIUM
CVSS:4.9(Medium)

In ccu, there is a possible out of bounds read due to incorrect error handling. This could lead to information disclosure with System execution privileges needed. User interaction is not needed for ex...

CWE-1252021