CVE-2023-22839

CVSS V2 None CVSS V3 None

Description

On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Overview

CVE ID
CVE-2023-22839

Assigner
f5sirt@f5.com

Vulnerability Status
Analyzed

Published Version
2023-02-01T18:15:11

Last Modified Date
2023-02-10T00:31:00

Weakness Enumerations

CWE	URL
CWE-476	http://cwe.mitre.org/data/definitions/476.html
CWE-476	http://cwe.mitre.org/data/definitions/476.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
		AND
cpe:2.3:a:f5:big-ip_domain_name_system::::::::	1	OR	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_domain_name_system::::::::	1	OR	14.1.0	14.1.5.3
cpe:2.3:a:f5:big-ip_domain_name_system::::::::	1	OR	15.1.0	15.1.7
cpe:2.3:a:f5:big-ip_domain_name_system::::::::	1	OR	16.1.0	16.1.3.3
cpe:2.3:a:f5:big-ip_domain_name_system::::::::	1	OR	17.0.0	17.0.0.2
cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::	1	OR	13.1.0	13.1.5
cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::	1	OR	14.1.0	14.1.5.3
cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::	1	OR	15.1.0	15.1.7
cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::	1	OR	16.1.0	16.1.3.3
cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::	1	OR	17.0.0	17.0.0.2
		AND
cpe:2.3:o:f5:big-ip_10000s_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_10000s:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_10200v_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_10200v:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_10200v-ssl_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_10200v-ssl:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_12000_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_12000:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_5000s_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_5000s:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_5200v_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_5200v:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_5200v-ssl_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_5200v-ssl:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_7000s_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_7000s:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_7200v_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_7200v:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_7200v-ssl_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_7200v-ssl:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_i10600_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_i10600:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_i10800_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_i10800:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_i11600_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_i11600:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_i11800_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_i11800:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_i15600_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_i15600:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_i15800_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_i15800:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_i5600_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_i5600:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_i5800_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_i5800:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_i7600_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_i7600:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:big-ip_i7800_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:big-ip_i7800:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:r10600_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:r10600:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:r10800_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:r10800:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:r10900_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:r10900:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:r5600_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:r5600:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:r5800_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:r5800:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:r5900_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:r5900:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:velos_bx110_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:velos_bx110:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:viprion_b2100_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:viprion_b2100:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:viprion_b2150_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:viprion_b2150:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:viprion_b2250_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:viprion_b2250:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:viprion_b4300_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:viprion_b4300:-:::::::*	0	OR
		AND
cpe:2.3:o:f5:viprion_b4450_firmware:-:::::::*	1	OR
cpe:2.3:h:f5:viprion_b4450:-:::::::*	0	OR

References

Reference URL	Reference Tags
https://my.f5.com/manage/s/article/K37708118	Vendor Advisory

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-22839
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22839

History

Created	Old Value	New Value	Data Type	Notes
2023-04-17 07:05:06				Added to TrackCVE
2023-04-17 07:05:08			Weakness Enumeration	new