CVE-2022-33203: 
F5 BIG-IP Virtual Edition vulnerability analysis and mitigation

CVE-2022-33203 affects BIG-IP versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5. The vulnerability is present when a BIG-IP APM access policy with Service Connect agent is configured on a virtual server (F5 Advisory).

The vulnerability occurs when a BIG-IP APM access policy with Service Connect agent is configured on a virtual server, where undisclosed requests can cause an increase in memory resource utilization. The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability can lead to increased memory resource utilization in the affected systems, potentially causing service degradation or denial of service conditions (F5 Advisory).

F5 has released patched versions to address this vulnerability. Users should upgrade to version 16.1.3, 15.1.6.1, or 14.1.5 or later depending on their current version track. Note that software versions which have reached End of Technical Support (EoTS) are not evaluated (F5 Advisory).