Lucene search
F5F5:K56676554HistoryFeb 01, 2023 - 12:00 a.m.
K56676554 : BIG-IP HTTP/2 profile vulnerability CVE-2023-22664
2023-02-0100:00:00
my.f5.com
6
big-ip
http/2
vulnerability
cve-2023-22664
memory resource utilization
tmm process
degradation of service
denial-of-service (dos)
data plane
Security Advisory Description
When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, undisclosed requests can cause an increase in memory resource utilization. (CVE-2023-22664)
Impact
System performance can degrade until the Traffic Management Microkernel (TMM) process is either forced to restart or is manually restarted. This vulnerability allows a remote, unauthenticated attacker to cause a degradation of service that can lead to a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.
Related
cnvd
cnvd
F5 BIG-IP HTTP/2 profile denial of service vulnerability
2023-02-01 00:00:00
prion
prion
Design/Logic Flaw
2023-02-01 18:15:00
cvelist
cvelist
CVE-2023-22664 BIG-IP HTTP/2 profile vulnerability
2023-02-01 17:56:15
nvd
nvd
CVE-2023-22664
2023-02-01 18:15:11
nessus
nessus
F5 Networks BIG-IP : BIG-IP HTTP/2 profile vulnerability (K56676554)
2023-06-23 00:00:00
cve
cve
CVE-2023-22664
2023-02-01 18:15:11
f5
f5
K000130496 : Overview of F5 vulnerabilities (February 2023)
2023-02-01 00:00:00