CVE-2021-23051

Published Sep 14, 2021

Last updated 3 years ago

CVSS high 7.5

Overview

Description: On BIG-IP versions 15.1.0.4 through 15.1.3, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP on Amazon Web Services (AWS) systems, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. This is due to an incomplete fix for CVE-2020-5862. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Source: f5sirt@f5.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
f5sirt@f5.com: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F0ECDE7-241C-4758-A13B-6E5EF55CBD71",
            "versionEndExcluding": "15.1.3.1",
            "versionStartIncluding": "15.1.0.4"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC661C49-1879-4B08-BAD8-53E90F06307A",
            "versionEndExcluding": "15.1.3.1",
            "versionStartIncluding": "15.1.0.4"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA69A5BA-ADE7-4FE2-9F09-DA82D435ED2E",
            "versionEndExcluding": "15.1.3.1",
            "versionStartIncluding": "15.1.0.4"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6E4774B-47F1-43E1-8904-1F38A11A5059",
            "versionEndExcluding": "15.1.3.1",
            "versionStartIncluding": "15.1.0.4"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E40EE5E1-39A3-48CB-AC4B-4CE0DEE1A7B5",
            "versionEndExcluding": "15.1.3.1",
            "versionStartIncluding": "15.1.0.4"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F504154-98BB-40ED-9A84-9E71DD61371E",
            "versionEndExcluding": "15.1.3.1",
            "versionStartIncluding": "15.1.0.4"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A338F0A-105E-4857-BA6C-9BAD4304C852",
            "versionEndExcluding": "15.1.3.1",
            "versionStartIncluding": "15.1.0.4"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1466B615-0A6F-445F-B6A3-C02A8F57023B",
            "versionEndExcluding": "15.1.3.1",
            "versionStartIncluding": "15.1.0.4"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1C9BA7D-D4A1-4960-9048-7DA861D0632C",
            "versionEndExcluding": "15.1.3.1",
            "versionStartIncluding": "15.1.0.4"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D45A549-CBC6-4A76-B3F8-35E6150774DC",
            "versionEndExcluding": "15.1.3.1",
            "versionStartIncluding": "15.1.0.4"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59E41916-5F06-420C-898D-EAC98EB743D1",
            "versionEndExcluding": "15.1.3.1",
            "versionStartIncluding": "15.1.0.4"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References