CVE-2023-22839

high-risk

Published 2023-02-01

On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Do I need to act?

1.0% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (20)

Big-Ip Domain Name System

Big-Ip Local Traffic Manager

Big-Ip 10000S Firmware

Big-Ip 10200V Firmware

Big-Ip 10200V-Ssl Firmware

Big-Ip 12000 Firmware

Big-Ip 5000S Firmware

Big-Ip 5200V Firmware

Big-Ip 5200V-Ssl Firmware

Big-Ip 7000S Firmware

Big-Ip 7200V Firmware

Big-Ip 7200V-Ssl Firmware

Big-Ip I10600 Firmware

Big-Ip I10800 Firmware

Big-Ip I11600 Firmware

Big-Ip I11800 Firmware

Big-Ip I15600 Firmware

Big-Ip I15800 Firmware

Big-Ip I5600 Firmware

Big-Ip I5800 Firmware

Affected Vendors

References (2)

Vendor Advisory https://my.f5.com/manage/s/article/K37708118

/ 100

high-risk

Severity 26/34 · High

Exploitability 3/34 · Minimal

Exposure 23/34 · High