Lucene search
PRIOn knowledge basePRION:CVE-2023-22341HistoryFeb 01, 2023 - 6:15 p.m.
Design/Logic Flaw
2023-02-0118:15:00
PRIOn knowledge base
www.prio-n.com
1
undisclosed requests
tmm termination
big-ip apm
oauth configuration
0.001 Low
EPSS
Percentile
33.7%
On version 14.1.x before 14.1.5.3, and all versions of 13.1.x, when the BIG-IP APM system is configured with all the following elements, undisclosed requests may cause the Traffic Management Microkernel (TMM) to terminate: * An OAuth Server that references an OAuth Provider * An OAuth profile with the Authorization Endpoint set to ‘/’ * An access profile that references the above OAuth profile and is associated with an HTTPS virtual server Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
Related
nessus
nessus
F5 Networks BIG-IP : BIG-IP APM OAuth vulnerability (K20717585)
2023-06-23 00:00:00
cnvd
cnvd
F5 BIG-IP APM Oauth Denial of Service Vulnerability
2023-02-01 00:00:00
nvd
nvd
CVE-2023-22341
2023-02-01 18:15:11
cve
cve
CVE-2023-22341
2023-02-01 18:15:11
f5
f5
K20717585 : BIG-IP APM OAuth vulnerability CVE-2023-22341
2023-02-01 00:00:00
K000130496 : Overview of F5 vulnerabilities (February 2023)
2023-02-01 00:00:00
cvelist
cvelist
CVE-2023-22341 BIG-IP APM OAuth vulnerability
2023-02-01 17:54:17