K13155201 : BIG-IQ HA vulnerability CVE-2021-22995

2021-03-1000:00:00

my.f5.com

0.001 Low

EPSS

Percentile

36.1%

JSON

Security Advisory Description

BIG-IQ high availability (HA) when using a Quorum device for automatic failover does not implement any form of authentication with the Corosync daemon. (CVE-2021-22995)

Impact

There are iptables firewall rules in place which prevent arbitrary attackers from connecting directly, but because the protocol uses User Datagram Protocol (UDP), spoofed datagrams may be able to bypass the firewall ruleset if they can spoof the IP address of a trusted, preconfigured peer.

CPENameOperatorVersion
big-iq centralized managementeq6.0.0
big-iq centralized managementeq6.0.1
big-iq centralized managementeq6.1.0
big-iq centralized managementeq7.0.0
big-iq centralized managementeq7.1.0
big-iq centralized managementeq8.0.0
big-ip afmeq11.6.1
big-ip afmeq11.6.2
big-ip afmeq11.6.3
big-ip afmeq11.6.4

Name	Operator	Version
big-iq centralized management	eq	6.0.0
big-iq centralized management	eq	6.0.1
big-iq centralized management	eq	6.1.0
big-iq centralized management	eq	7.0.0
big-iq centralized management	eq	7.1.0
big-iq centralized management	eq	8.0.0
big-ip afm	eq	11.6.1
big-ip afm	eq	11.6.2
big-ip afm	eq	11.6.3
big-ip afm	eq	11.6.4

Rows per page:

1-10 of 2241

0.001 Low

EPSS

Percentile

36.1%

JSON

Related for F5:K13155201