F5 BIG-IP DNS profile denial of service vulnerability

2023-02-0100:00:00

China National Vulnerability Database

www.cnvd.org.cn

f5 big-ip

application delivery

network traffic orchestration

load balancing

intelligent dns

denial of service

0.001 Low

EPSS

Percentile

33.8%

JSON

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP DNS profile, where the Rapid Response Mode ( RRM ) setting is turned on in the DNS profile and the profile is configured to On a hardware syncookie enabled virtual server, an undisclosed request could cause TMM to terminate and an attacker could exploit the vulnerability to cause a denial of service.

CPENameOperatorVersion
f5 big-ip (dns, ltm enabled with dns services license) >=13.1.0，le13.1.5
f5 big-ip (dns, ltm enabled with dns services license) >=14.1.0，le14.1.5
f5 big-ip (dns, ltm enabled with dns services license) >=15.1.0，le15.1.8
f5 big-ip (dns, ltm enabled with dns services license) >=16.1.0，le16.1.3
f5 big-ip (dns, ltm enabled with dns services license)eq17.0.0

Name	Operator	Version
f5 big-ip (dns, ltm enabled with dns services license) >=13.1.0，	le	13.1.5
f5 big-ip (dns, ltm enabled with dns services license) >=14.1.0，	le	14.1.5
f5 big-ip (dns, ltm enabled with dns services license) >=15.1.0，	le	15.1.8
f5 big-ip (dns, ltm enabled with dns services license) >=16.1.0，	le	16.1.3
f5 big-ip (dns, ltm enabled with dns services license)	eq	17.0.0

0.001 Low

EPSS

Percentile

33.8%

JSON

Related for CNVD-2023-05955