logo
DATABASE RESOURCES PRICING ABOUT US

TMM vulnerability CVE-2021-23036

Description

When a BIG-IP ASM and DataSafe profile are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. ([CVE-2021-23036](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23036>)) Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure, this is a data plane issue only.


Affected Software


CPE Name Name Version
big-iq centralized management 8.1.0
big-ip afm 16.1.0
big-ip analytics 16.1.0
big-ip apm 16.1.0
big-ip asm 16.1.0
big-ip dns 16.1.0
big-ip fps 16.1.0
big-ip gtm 16.1.0
big-ip link controller 16.1.0
big-ip ltm 16.1.0
big-ip pem 16.1.0
big-ip aam 16.1.0
f5os 1.1.3
traffix sdc 5.2.0
f5 ssl orchestrator 16.1.0
f5 ddos hybrid defender 16.1.0

Related