Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-22839

On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Published

2023-02-01T18:15:11.750

Last Modified

2024-11-21T07:45:29.820

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-476
Type: Primary
CWE-476

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	f5	big-ip_domain_name_system	≤ 13.1.5	Yes
Application	f5	big-ip_domain_name_system	< 14.1.5.3	Yes
Application	f5	big-ip_domain_name_system	< 15.1.7	Yes
Application	f5	big-ip_domain_name_system	< 16.1.3.3	Yes
Application	f5	big-ip_domain_name_system	< 17.0.0.2	Yes
Application	f5	big-ip_local_traffic_manager	≤ 13.1.5	Yes
Application	f5	big-ip_local_traffic_manager	< 14.1.5.3	Yes
Application	f5	big-ip_local_traffic_manager	< 15.1.7	Yes
Application	f5	big-ip_local_traffic_manager	< 16.1.3.3	Yes
Application	f5	big-ip_local_traffic_manager	< 17.0.0.2	Yes
Operating System	f5	big-ip_10000s_firmware	-	Yes
Hardware	f5	big-ip_10000s	-	No
Operating System	f5	big-ip_10200v_firmware	-	Yes
Hardware	f5	big-ip_10200v	-	No
Operating System	f5	big-ip_10200v-ssl_firmware	-	Yes
Hardware	f5	big-ip_10200v-ssl	-	No
Operating System	f5	big-ip_12000_firmware	-	Yes
Hardware	f5	big-ip_12000	-	No
Operating System	f5	big-ip_5000s_firmware	-	Yes
Hardware	f5	big-ip_5000s	-	No
Operating System	f5	big-ip_5200v_firmware	-	Yes
Hardware	f5	big-ip_5200v	-	No
Operating System	f5	big-ip_5200v-ssl_firmware	-	Yes
Hardware	f5	big-ip_5200v-ssl	-	No
Operating System	f5	big-ip_7000s_firmware	-	Yes
Hardware	f5	big-ip_7000s	-	No
Operating System	f5	big-ip_7200v_firmware	-	Yes
Hardware	f5	big-ip_7200v	-	No
Operating System	f5	big-ip_7200v-ssl_firmware	-	Yes
Hardware	f5	big-ip_7200v-ssl	-	No
Operating System	f5	big-ip_i10600_firmware	-	Yes
Hardware	f5	big-ip_i10600	-	No
Operating System	f5	big-ip_i10800_firmware	-	Yes
Hardware	f5	big-ip_i10800	-	No
Operating System	f5	big-ip_i11600_firmware	-	Yes
Hardware	f5	big-ip_i11600	-	No
Operating System	f5	big-ip_i11800_firmware	-	Yes
Hardware	f5	big-ip_i11800	-	No
Operating System	f5	big-ip_i15600_firmware	-	Yes
Hardware	f5	big-ip_i15600	-	No
Operating System	f5	big-ip_i15800_firmware	-	Yes
Hardware	f5	big-ip_i15800	-	No
Operating System	f5	big-ip_i5600_firmware	-	Yes
Hardware	f5	big-ip_i5600	-	No
Operating System	f5	big-ip_i5800_firmware	-	Yes
Hardware	f5	big-ip_i5800	-	No
Operating System	f5	big-ip_i7600_firmware	-	Yes
Hardware	f5	big-ip_i7600	-	No
Operating System	f5	big-ip_i7800_firmware	-	Yes
Hardware	f5	big-ip_i7800	-	No
Operating System	f5	r10600_firmware	-	Yes
Hardware	f5	r10600	-	No
Operating System	f5	r10800_firmware	-	Yes
Hardware	f5	r10800	-	No
Operating System	f5	r10900_firmware	-	Yes
Hardware	f5	r10900	-	No
Operating System	f5	r5600_firmware	-	Yes
Hardware	f5	r5600	-	No
Operating System	f5	r5800_firmware	-	Yes
Hardware	f5	r5800	-	No
Operating System	f5	r5900_firmware	-	Yes
Hardware	f5	r5900	-	No
Operating System	f5	velos_bx110_firmware	-	Yes
Hardware	f5	velos_bx110	-	No
Operating System	f5	viprion_b2100_firmware	-	Yes
Hardware	f5	viprion_b2100	-	No
Operating System	f5	viprion_b2150_firmware	-	Yes
Hardware	f5	viprion_b2150	-	No
Operating System	f5	viprion_b2250_firmware	-	Yes
Hardware	f5	viprion_b2250	-	No
Operating System	f5	viprion_b4300_firmware	-	Yes
Hardware	f5	viprion_b4300	-	No
Operating System	f5	viprion_b4450_firmware	-	Yes
Hardware	f5	viprion_b4450	-	No

References

https://my.f5.com/manage/s/article/K37708118 Vendor Advisory ([email protected])
https://my.f5.com/manage/s/article/K37708118 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)