CVE-2022-25990 MEDIUM

CVE-2022-25990

Vendor F5

Product F5OS-A

Weakness CWE-200 · Info exposure

Published May 5, 2022

Last update September 17, 2024

View on NVD All CVEs

CVSS base score

5.3/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality Low

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

On 1.0.x versions prior to 1.0.1, systems running F5OS-A software may expose certain registry ports externally. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Key dates

02Disclosure timeline

May 5, 2022 CVE published

September 17, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-25990

Related vulnerabilities

04Related CVE

CVE-2026-8766 Kilo-Org kilocode Environment Variable config.ts load information disclosure CVE-2023-34236 Information Disclosure Vulnerability in Weave GitOps Terraform Controller CVE-2025-59240 Microsoft Excel Information Disclosure Vulnerability CVE-2024-41733 Information Disclosure Vulnerability in SAP Commerce CVE-2023-30853 Gradle Build Action data written to GitHub Actions Cache may expose secrets