This issue has been addressed by updating the affected software. As a precaution, you should monitor traffic to affected appliances. This issue has been addressed in the following software versions: BIG-IP v16.1.3.1, v15.1.7, v14.1.5.1, v13.1.x. Additionally, upgrading to any of the above software versions will resolve this issue. To determine which version of BIG-IP is currently installed on your system, see System Requirements. If you are running an earlier version, contact your support provider to upgrade your system and install the appropriate software version. To update your system, see the Upgrade Guide. A list of currently supported hardware can be found here.
Impact: An attacker can exploit this issue to decrypt and monitor traffic between the BIG-IP system and the client.
Risk: Exposure of sensitive information. Solution: For BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, Intel QAT (QuickAssist Technology) and the AES-GCM/CCM cipher are in use. While these ciphers have been verified to be safe, there have been cases of QAT issues with Intel CPUs. If you are running QAT enabled hardware, you should consider updating your
Check hardware requirements for BIG-IP
BIG-IP v16.3.1, v15.3.7, v14.2.6, and all versions of 13.2.x are not vulnerable to this issue as they do not use Intel QAT (QuickAssist Technology) or the AES-GCM/CCM cipher on Intel CPUs. All other versions of BIG-IP remain partially vulnerable, but can be mitigated by disabling QAT and the AES-GCM/CCM cipher on affected systems prior to the exploit taking place.>>END>>
BIG-IP v16.1.3.1 and v15.1.7
BIG-IP v16.1.3.1 and v15.1.7 are the only versions that can be updated to address this issue. For BIG-IP versions 16.0, 15.5, 14.6, and 13.2, Intel QAT (QuickAssist Technology) and the AES-GCM/CCM cipher are in use and have not been affected by Intel CPUs with issues with performance or security.
Big Corporation: How your digital marketing affects your brand image
As a start-up or small business, you may not have the budget for traditional marketing methods like television advertisements or magazine ads to reach a large audience of potential customers. One alternative is to advertise on social media platforms like Facebook and Instagram where people are getting connected through their smartphones more often than ever before--and that's great news for small businesses! With this innovative approach, you can tap into specialized audiences who want to connect with your brand in an intimate way that offers a lot of personal connection options like messaging and emailing; even live streaming video chats!
One benefit of advertising on social media is that you can target specific groups of people based on factors such as location and age demographics that traditional marketing methods do not offer which helps increase conversion rates and spend less money without sacrificing quality results in return! Another benefit is the ability to create promotional posts with pictures which might appeal to your target audience better than text alone--as studies show they're more likely to click
BIG-IP v16.1.3.1
, v15.1.7, v14.1.5.1, v13.1.x
ASUS RT-AC3200 Dual-band Wireless-AC2600 Gigabit Router with MU-MIMO, 160 MHz Cores, 2x2 AC Wi-Fi, Open Source
This issue has been addressed by updating the affected software. As a precaution, you should monitor traffic to affected appliances. This issue has been addressed in the following software versions: BIG-IP v16.1.3.1 and v15.1.7 . Additionally, upgrading to any of the above software versions will resolve this issue . To determine which version of BIG-IP is currently installed on your system, see System Requirements . If you are running an earlier version, contact your support provider to upgrade your system and install the appropriate software version . To update your system , see the Upgrade Guide . A list of currently supported hardware can be found here .
Impact: An attacker can exploit this issue to decrypt and monitor traffic between the BIG-IP system and the client or server that is connected to it via a Virtual Private Network (VPN).
Risk: Exposure of sensitive information Solution: BIG-IP versions 16.0 before 16.0 U3d and 15 before 15 U5b have been identified as vulnerable to CVE-2022 -41983 . While these ciphers have been verified to be safe, there have been cases of Q
Timeline
Published on: 10/19/2022 22:15:00 UTC
Last modified on: 10/24/2022 15:57:00 UTC