Lucene search
HistoryOct 10, 2023 - 1:15 p.m.
CVE-2023-40542
cve
2023
40542
tcp
verified accept
virtual server
memory
resource utilization
nvd
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
16.9%
When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Affected configurations
Node
f5big-ip_access_policy_managerRange13.1.0–13.1.5
ORf5big-ip_access_policy_managerRange14.1.0–14.1.5
ORf5big-ip_access_policy_managerRange15.1.0–15.1.9
ORf5big-ip_access_policy_managerRange16.1.0–16.1.4
ORf5big-ip_advanced_firewall_managerRange13.1.0–13.1.5
ORf5big-ip_advanced_firewall_managerRange14.1.0–14.1.5
ORf5big-ip_advanced_firewall_managerRange15.1.0–15.1.9
ORf5big-ip_advanced_firewall_managerRange16.1.0–16.1.4
ORf5big-ip_advanced_web_application_firewallRange13.1.0–13.1.5
ORf5big-ip_advanced_web_application_firewallRange14.1.0–14.1.5
ORf5big-ip_advanced_web_application_firewallRange15.1.0–15.1.9
ORf5big-ip_advanced_web_application_firewallRange16.1.0–16.1.4
ORf5big-ip_analyticsRange13.1.0–13.1.5
ORf5big-ip_analyticsRange14.1.0–14.1.5
ORf5big-ip_analyticsRange15.1.0–15.1.9
ORf5big-ip_analyticsRange16.1.0–16.1.4
ORf5big-ip_application_acceleration_managerRange13.1.0–13.1.5
ORf5big-ip_application_acceleration_managerRange14.1.0–14.1.5
ORf5big-ip_application_acceleration_managerRange15.1.0–15.1.9
ORf5big-ip_application_acceleration_managerRange16.1.0–16.1.4
ORf5big-ip_application_security_managerRange13.1.0–13.1.5
ORf5big-ip_application_security_managerRange14.1.0–14.1.5
ORf5big-ip_application_security_managerRange15.1.0–15.1.9
ORf5big-ip_application_security_managerRange16.1.0–16.1.4
ORf5big-ip_application_visibility_and_reportingRange13.1.0–13.1.5
ORf5big-ip_application_visibility_and_reportingRange14.1.0–14.1.5
ORf5big-ip_application_visibility_and_reportingRange15.1.0–15.1.9
ORf5big-ip_application_visibility_and_reportingRange16.1.0–16.1.4
ORf5big-ip_carrier-grade_natRange13.1.0–13.1.5
ORf5big-ip_carrier-grade_natRange14.1.0–14.1.5
ORf5big-ip_carrier-grade_natRange15.1.0–15.1.9
ORf5big-ip_carrier-grade_natRange16.1.0–16.1.4
ORf5big-ip_ddos_hybrid_defenderRange13.1.0–13.1.5
ORf5big-ip_ddos_hybrid_defenderRange14.1.0–14.1.5
ORf5big-ip_ddos_hybrid_defenderRange15.1.0–15.1.9
ORf5big-ip_ddos_hybrid_defenderRange16.1.0–16.1.4
ORf5big-ip_domain_name_systemRange13.1.0–13.1.5
ORf5big-ip_domain_name_systemRange14.1.0–14.1.5
ORf5big-ip_domain_name_systemRange15.1.0–15.1.9
ORf5big-ip_domain_name_systemRange16.1.0–16.1.4
ORf5big-ip_edge_gatewayRange13.1.0–13.1.5
ORf5big-ip_edge_gatewayRange14.1.0–14.1.5
ORf5big-ip_edge_gatewayRange15.1.0–15.1.9
ORf5big-ip_edge_gatewayRange16.1.0–16.1.4
ORf5big-ip_fraud_protection_serviceRange13.1.0–13.1.5
ORf5big-ip_fraud_protection_serviceRange14.1.0–14.1.5
ORf5big-ip_fraud_protection_serviceRange15.1.0–15.1.9
ORf5big-ip_fraud_protection_serviceRange16.1.0–16.1.4
ORf5big-ip_global_traffic_managerRange13.1.0–13.1.5
ORf5big-ip_global_traffic_managerRange14.1.0–14.1.5
ORf5big-ip_global_traffic_managerRange15.1.0–15.1.9
ORf5big-ip_global_traffic_managerRange16.1.0–16.1.4
ORf5big-ip_link_controllerRange13.1.0–13.1.5
ORf5big-ip_link_controllerRange14.1.0–14.1.5
ORf5big-ip_link_controllerRange15.1.0–15.1.9
ORf5big-ip_link_controllerRange16.1.0–16.1.4
ORf5big-ip_local_traffic_managerRange13.1.0–13.1.5
ORf5big-ip_local_traffic_managerRange14.1.0–14.1.5
ORf5big-ip_local_traffic_managerRange15.1.0–15.1.9
ORf5big-ip_local_traffic_managerRange16.1.0–16.1.4
ORf5big-ip_policy_enforcement_managerRange13.1.0–13.1.5
ORf5big-ip_policy_enforcement_managerRange14.1.0–14.1.5
ORf5big-ip_policy_enforcement_managerRange15.1.0–15.1.9
ORf5big-ip_policy_enforcement_managerRange16.1.0–16.1.4
ORf5big-ip_ssl_orchestratorRange13.1.0–13.1.5
ORf5big-ip_ssl_orchestratorRange14.1.0–14.1.5
ORf5big-ip_ssl_orchestratorRange15.1.0–15.1.9
ORf5big-ip_ssl_orchestratorRange16.1.0–16.1.4
ORf5big-ip_webacceleratorRange13.1.0–13.1.5
ORf5big-ip_webacceleratorRange14.1.0–14.1.5
ORf5big-ip_webacceleratorRange15.1.0–15.1.9
ORf5big-ip_webacceleratorRange16.1.0–16.1.4
ORf5big-ip_websafeRange13.1.0–13.1.5
ORf5big-ip_websafeRange14.1.0–14.1.5
ORf5big-ip_websafeRange15.1.0–15.1.9
ORf5big-ip_websafeRange16.1.0–16.1.4
CNA Affected
[
{
"defaultStatus": "unknown",
"modules": [
"All Modules"
],
"product": "BIG-IP",
"vendor": "F5",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "17.1.0",
"versionType": "semver"
},
{
"lessThan": "16.1.4",
"status": "affected",
"version": "16.1.0",
"versionType": "semver"
},
{
"lessThan": "15.1.9",
"status": "affected",
"version": "15.1.0",
"versionType": "semver"
},
{
"lessThan": "*",
"status": "affected",
"version": "14.1.0",
"versionType": "semver"
},
{
"lessThan": "*",
"status": "affected",
"version": "13.1.0",
"versionType": "semver"
}
]
}
]References
Related
cvelist
cvelist
CVE-2023-40542 BIG-IP TCP Profile vulnerability
2023-10-10 12:33:01
nessus
nessus
F5 Networks BIG-IP TCP profile vulnerability (K000134652)
2023-10-13 00:00:00
nvd
nvd
CVE-2023-40542
2023-10-10 13:15:20
f5
f5
K000134652 : BIG-IP TCP profile vulnerability CVE-2023-40542
2023-10-10 00:00:00
K000137053 : Overview of F5 vulnerabilities (October 2023)
2023-10-10 00:00:00
prion
prion
Design/Logic Flaw
2023-10-10 13:15:00
cnvd
cnvd
F5 BIG-IP Denial of Service Vulnerability (CNVD-2023-75604)
2023-10-11 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
16.9%
Related for CVE-2023-40542