Lucene search
F5F5:K000134652HistoryOct 10, 2023 - 12:00 a.m.
K000134652 : BIG-IP TCP profile vulnerability CVE-2023-40542
2023-10-1000:00:00
my.f5.com
7
big-ip
tcp profile
vulnerability
cve-2023-40542
impact
mitigation
memory resource utilization
tmm process
degradation of service
denial-of-service
data plane issue
Security Advisory Description
When TCP Verified Accept is enabled on a TCP profile that is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. (CVE-2023-40542)
Impact
System performance can degrade until the Traffic Management Microkernel (TMM) process is either forced to restart or is manually restarted. This vulnerability allows a remote, unauthenticated attacker to cause a degradation of service that can lead to a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.
Related
vulnrichment
vulnrichment
CVE-2023-40542 BIG-IP TCP Profile vulnerability
2023-10-10 12:33:01
nessus
nessus
F5 Networks BIG-IP TCP profile vulnerability (K000134652)
2023-10-13 00:00:00
nvd
nvd
CVE-2023-40542
2023-10-10 13:15:20
cvelist
cvelist
CVE-2023-40542 BIG-IP TCP Profile vulnerability
2023-10-10 12:33:01
prion
prion
Design/Logic Flaw
2023-10-10 13:15:00
cnvd
cnvd
F5 BIG-IP Denial of Service Vulnerability (CNVD-2023-75604)
2023-10-11 00:00:00
cve
cve
CVE-2023-40542
2023-10-10 13:15:20
f5
f5
K000137053 : Overview of F5 vulnerabilities (October 2023)
2023-10-10 00:00:00