F5 BIG-IP SSL OCSP Authentication Profile Denial of Service Vulnerability

2023-02-0100:00:00

China National Vulnerability Database

www.cnvd.org.cn

f5 big-ip

denial of service

ssl

ocsp

authentication

vulnerability

cpu resource

remote attacker

service degradation

0.001 Low

EPSS

Percentile

33.8%

JSON

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP SSL OCSP authentication profile, when a virtual server is configured with an OCSP authentication profile, an undisclosed request could lead to an increase in CPU resource utilization and an un authenticated remote attacker can exploit the vulnerability to cause service degradation, resulting in a denial of service on the BIG-IP system.

CPENameOperatorVersion
f5 big-ip (all modules) >=13.1.0，le13.1.5
f5 big-ip (all modules) >=16.1.0，le16.1.3
f5 big-ip (all modules)eq17.0.0
f5 big-ip (all modules) >=14.1.0，le14.1.5
f5 big-ip (all modules) >=15.1.0，le15.1.8

Name	Operator	Version
f5 big-ip (all modules) >=13.1.0，	le	13.1.5
f5 big-ip (all modules) >=16.1.0，	le	16.1.3
f5 big-ip (all modules)	eq	17.0.0
f5 big-ip (all modules) >=14.1.0，	le	14.1.5
f5 big-ip (all modules) >=15.1.0，	le	15.1.8

0.001 Low

EPSS

Percentile

33.8%

JSON

Related for CNVD-2023-05963