Lucene search
HistoryOct 10, 2023 - 1:15 p.m.
CVE-2023-41085
ipsec
virtual server
tmm termination
vulnerability
cve-2023-41085
nvd
end of technical support
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
16.9%
When IPSec is configured on a Virtual Server, undisclosed traffic can cause TMM to terminate.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Affected configurations
Node
f5big-ip_access_policy_managerRange13.1.0–13.1.5
ORf5big-ip_access_policy_managerRange14.1.0–14.1.5
ORf5big-ip_access_policy_managerRange15.1.0–15.1.9
ORf5big-ip_access_policy_managerRange16.1.0–16.1.4
ORf5big-ip_advanced_firewall_managerRange13.1.0–13.1.5
ORf5big-ip_advanced_firewall_managerRange14.1.0–14.1.5
ORf5big-ip_advanced_firewall_managerRange15.1.0–15.1.9
ORf5big-ip_advanced_firewall_managerRange16.1.0–16.1.4
ORf5big-ip_advanced_web_application_firewallRange13.1.0–13.1.5
ORf5big-ip_advanced_web_application_firewallRange14.1.0–14.1.5
ORf5big-ip_advanced_web_application_firewallRange15.1.0–15.1.9
ORf5big-ip_advanced_web_application_firewallRange16.1.0–16.1.4
ORf5big-ip_analyticsRange13.1.0–13.1.5
ORf5big-ip_analyticsRange14.1.0–14.1.5
ORf5big-ip_analyticsRange15.1.0–15.1.9
ORf5big-ip_analyticsRange16.1.0–16.1.4
ORf5big-ip_application_acceleration_managerRange13.1.0–13.1.5
ORf5big-ip_application_acceleration_managerRange14.1.0–14.1.5
ORf5big-ip_application_acceleration_managerRange15.1.0–15.1.9
ORf5big-ip_application_acceleration_managerRange16.1.0–16.1.4
ORf5big-ip_application_security_managerRange13.1.0–13.1.5
ORf5big-ip_application_security_managerRange14.1.0–14.1.5
ORf5big-ip_application_security_managerRange15.1.0–15.1.9
ORf5big-ip_application_security_managerRange16.1.0–16.1.4
ORf5big-ip_application_visibility_and_reportingRange13.1.0–13.1.5
ORf5big-ip_application_visibility_and_reportingRange14.1.0–14.1.5
ORf5big-ip_application_visibility_and_reportingRange15.1.0–15.1.9
ORf5big-ip_application_visibility_and_reportingRange16.1.0–16.1.4
ORf5big-ip_carrier-grade_natRange13.1.0–13.1.5
ORf5big-ip_carrier-grade_natRange14.1.0–14.1.5
ORf5big-ip_carrier-grade_natRange15.1.0–15.1.9
ORf5big-ip_carrier-grade_natRange16.1.0–16.1.4
ORf5big-ip_ddos_hybrid_defenderRange13.1.0–13.1.5
ORf5big-ip_ddos_hybrid_defenderRange14.1.0–14.1.5
ORf5big-ip_ddos_hybrid_defenderRange15.1.0–15.1.9
ORf5big-ip_ddos_hybrid_defenderRange16.1.0–16.1.4
ORf5big-ip_domain_name_systemRange13.1.0–13.1.5
ORf5big-ip_domain_name_systemRange14.1.0–14.1.5
ORf5big-ip_domain_name_systemRange15.1.0–15.1.9
ORf5big-ip_domain_name_systemRange16.1.0–16.1.4
ORf5big-ip_edge_gatewayRange13.1.0–13.1.5
ORf5big-ip_edge_gatewayRange14.1.0–14.1.5
ORf5big-ip_edge_gatewayRange15.1.0–15.1.9
ORf5big-ip_edge_gatewayRange16.1.0–16.1.4
ORf5big-ip_fraud_protection_serviceRange13.1.0–13.1.5
ORf5big-ip_fraud_protection_serviceRange14.1.0–14.1.5
ORf5big-ip_fraud_protection_serviceRange15.1.0–15.1.9
ORf5big-ip_fraud_protection_serviceRange16.1.0–16.1.4
ORf5big-ip_global_traffic_managerRange13.1.0–13.1.5
ORf5big-ip_global_traffic_managerRange14.1.0–14.1.5
ORf5big-ip_global_traffic_managerRange15.1.0–15.1.9
ORf5big-ip_global_traffic_managerRange16.1.0–16.1.4
ORf5big-ip_link_controllerRange13.1.0–13.1.5
ORf5big-ip_link_controllerRange14.1.0–14.1.5
ORf5big-ip_link_controllerRange15.1.0–15.1.9
ORf5big-ip_link_controllerRange16.1.0–16.1.4
ORf5big-ip_local_traffic_managerRange13.1.0–13.1.5
ORf5big-ip_local_traffic_managerRange14.1.0–14.1.5
ORf5big-ip_local_traffic_managerRange15.1.0–15.1.9
ORf5big-ip_local_traffic_managerRange16.1.0–16.1.4
ORf5big-ip_policy_enforcement_managerRange13.1.0–13.1.5
ORf5big-ip_policy_enforcement_managerRange14.1.0–14.1.5
ORf5big-ip_policy_enforcement_managerRange15.1.0–15.1.9
ORf5big-ip_policy_enforcement_managerRange16.1.0–16.1.4
ORf5big-ip_ssl_orchestratorRange13.1.0–13.1.5
ORf5big-ip_ssl_orchestratorRange14.1.0–14.1.5
ORf5big-ip_ssl_orchestratorRange15.1.0–15.1.9
ORf5big-ip_ssl_orchestratorRange16.1.0–16.1.4
ORf5big-ip_webacceleratorRange13.1.0–13.1.5
ORf5big-ip_webacceleratorRange14.1.0–14.1.5
ORf5big-ip_webacceleratorRange15.1.0–15.1.9
ORf5big-ip_webacceleratorRange16.1.0–16.1.4
ORf5big-ip_websafeRange13.1.0–13.1.5
ORf5big-ip_websafeRange14.1.0–14.1.5
ORf5big-ip_websafeRange15.1.0–15.1.9
ORf5big-ip_websafeRange16.1.0–16.1.4
CNA Affected
[
{
"defaultStatus": "unknown",
"modules": [
"All Modules"
],
"product": "BIG-IP",
"vendor": "F5",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "17.1.0",
"versionType": "semver"
},
{
"lessThan": "16.1.4",
"status": "affected",
"version": "16.1.0",
"versionType": "semver"
},
{
"lessThan": "15.1.9",
"status": "affected",
"version": "15.1.0",
"versionType": "semver"
},
{
"lessThan": "*",
"status": "affected",
"version": "14.1.0",
"versionType": "semver"
},
{
"lessThan": "*",
"status": "affected",
"version": "13.1.0",
"versionType": "semver"
}
]
}
]References
Related
nessus
nessus
F5 Networks BIG-IP IPsec DoS (K000132420)
2023-10-13 00:00:00
f5
f5
K000132420 : BIG-IP IPsec vulnerability CVE-2023-41085
2023-10-10 00:00:00
K000137053 : Overview of F5 vulnerabilities (October 2023)
2023-10-10 00:00:00
prion
prion
Code injection
2023-10-10 13:15:00
cnvd
cnvd
F5 BIG-IP Denial of Service Vulnerability (CNVD-2023-75606)
2023-10-11 00:00:00
cvelist
cvelist
CVE-2023-41085 BIG-IP IPSEC vulnerability
2023-10-10 12:33:11
nvd
nvd
CVE-2023-41085
2023-10-10 13:15:21
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
16.9%
Related for CVE-2023-41085