CVE-2022-41832 An undisclosed message can cause an increase in memory consumption in BIG-IP versions 17.0.x, 16.1.x, 15.1.x, 14.1.x, and 13.1.x when a SIP profile is configured on a virtual server.

This issue most commonly occurs when SIP servers are configured in a virtual server and when there is content in the SIP profile that causes the BIG-IP system to respond with an undisclosed message. This issue has been addressed in these releases by not dereferencing the message for memory efficiency reasons. The issue is also addressed by not accepting undisclosed messages for SIP profiles. Depending on the content of the SIP profile, undisclosed messages can contain sensitive information, such as credit card numbers, or might cause the system to respond with an undisclosed message that is not present in the profile. An example of this issue occurring might be when a SIP profile contains the text “You have won a prize!” and a SIP server receives a SIP message that contains the text “You have won a prize!” Additionally, the BIG-IP system will no longer accept undisclosed messages and will not display them in the profile.

Multiple GUI and Configuration Issues

This issue is addressed in these releases by not dereferencing the message for memory efficiency reasons. This issue is also addressed by not accepting undisclosed messages for SIP profiles and not displaying undisclosed messages in a SIP profile.

Fixed Issues and Resolved Limitations

This issue has been addressed in these releases by not dereferencing the message for memory efficiency reasons. Additionally, the BIG-IP system will no longer accept undisclosed messages and will not display them in the profile. An example of this issue occurring might be when a SIP profile contains the text “You have won a prize!” and a SIP server receives a SIP message that contains the text “You have won a prize!”

How to Enable SSL Inspection for SIP

To enable SSL inspection for SIP profiles, do the following:
1. Navigate to Configuration > BIG-IP System > Advanced > SSL Inspection.
2. Enable SSL inspection for SIP profiles and set the profile destination to Localhost:5060.
3. Navigate to Configuration > Traffic Management > Packet Flow Rules, select a packet flow rule that matches the traffic type of the SIP profile, and then add an action entry that reads like this:
"if src address=*1*5*5*7*1*9**3**7**6*:5060    \ set ssl=on"

Timeline

Published on: 10/19/2022 22:15:00 UTC
Last modified on: 10/24/2022 14:20:00 UTC
