fkie_nvd - fkie_cve-2023-40534

fkie_cve-2023-40534

Vulnerability from fkie_nvd

Published

2023-10-10 13:15

Modified

2024-11-21 08:19

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, and an iRule using the HTTP_REQUEST event or Local Traffic Policy are associated with the virtual server, undisclosed requests can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

References

▶	URL	Tags
	f5sirt@f5.com	https://my.f5.com/manage/s/article/K000133467	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://my.f5.com/manage/s/article/K000133467	Vendor Advisory

Impacted products

Vendor	Product	Version
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	17.1.0
f5	big-ip_advanced_firewall_manager	*
f5	big-ip_advanced_firewall_manager	17.1.0
f5	big-ip_advanced_web_application_firewall	*
f5	big-ip_advanced_web_application_firewall	17.1.0
f5	big-ip_analytics	*
f5	big-ip_analytics	17.1.0
f5	big-ip_application_acceleration_manager	*
f5	big-ip_application_acceleration_manager	17.1.0
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	17.1.0
f5	big-ip_application_visibility_and_reporting	*
f5	big-ip_application_visibility_and_reporting	17.1.0
f5	big-ip_carrier-grade_nat	*
f5	big-ip_carrier-grade_nat	17.1.0
f5	big-ip_ddos_hybrid_defender	*
f5	big-ip_ddos_hybrid_defender	17.1.0
f5	big-ip_domain_name_system	*
f5	big-ip_domain_name_system	17.1.0
f5	big-ip_edge_gateway	*
f5	big-ip_edge_gateway	17.1.0
f5	big-ip_fraud_protection_service	*
f5	big-ip_fraud_protection_service	17.1.0
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	17.1.0
f5	big-ip_link_controller	*
f5	big-ip_link_controller	17.1.0
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	17.1.0
f5	big-ip_next_service_proxy_for_kubernetes	*
f5	big-ip_policy_enforcement_manager	*
f5	big-ip_policy_enforcement_manager	17.1.0
f5	big-ip_ssl_orchestrator	*
f5	big-ip_ssl_orchestrator	17.1.0
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	17.1.0
f5	big-ip_websafe	*
f5	big-ip_websafe	17.1.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F10A0D-A487-4B2A-ADF7-4AB3C5A98001",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8D90B7-A1AF-4EFB-B688-1563D81E5C6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ADC24ED-14A3-4F96-A6DA-5A2FDC60A71B",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A1CC91B-6920-4AF0-9EDD-DD3189E78F4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E42EBA0A-EC53-4885-9AFD-AFF83224214C",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1769D69A-CB59-46B1-89B3-FB97DC6DEB9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E49638F-30AA-4112-8F6F-13F013F9E72B",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "59203EBF-C52A-45A1-B8DF-00E17E3EFB51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3823874E-B0C1-4F7B-B1E7-1423C371E79C",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C698C1C-A3DD-46E2-B05A-12F2604E7F85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C175FBF7-CF8D-48C2-B604-AC766AE3ECAD",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "87670A74-34FE-45DF-A725-25B804C845B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C509C00E-2C92-4905-BD2D-22B5BDDDE4EE",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "67DB21AE-DF53-442D-B492-C4ED9A20B105",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD1751B-9818-474E-B970-719CE1AEA782",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BC1D037-74D2-4F92-89AD-C90F6CBF440B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A519F4C-D469-47A0-9F61-2EE33976177D",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B235A78-649B-46C5-B24B-AB485A884654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69DE4021-B15C-4310-8898-E4EC3EC0DA60",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "84D00768-E71B-4FF7-A7BF-F2C8CFBC900D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A779434-C082-486E-8F65-587CE0BD1828",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F28D083-19BE-4584-A61A-85DD3CDC66BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CAB7BF-AC42-4957-9F8F-59CACA30D0A3",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABBD10E8-6054-408F-9687-B9BF6375CA09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11EA68F6-028C-4A63-AFB6-0B6F36F5EB8C",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "83794B04-87E2-4CA9-81F5-BB820D0F5395",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16657185-FDAA-4DF4-A2A1-1B5BAF8697FB",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A6E7035-3299-474F-8F67-945EA9A059D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04ABC7AA-1D2D-4954-863B-A417794B1F5B",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "56FB92F7-FF1E-425D-A5AB-9D9FB0BB9450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5190BFD8-0F6C-4CAF-9589-7CD8A589CDC3",
              "versionEndIncluding": "1.8.2",
              "versionStartIncluding": "1.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "957276C7-DA88-44F1-AB18-AA39DC1BF9B4",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "667EB77B-DA13-4BA4-9371-EE3F3A109F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6D0A641-7EF3-4F9E-9503-4A202E04102A",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C446827A-1F71-4FAD-9422-580642D26AD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "095E5580-CF33-45EB-90DB-1EB4F0C0DFCA",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D1B2000-C3FE-4B4C-885A-A5076EB164E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D097C6A6-5C8D-4275-B0CD-3947E11AA5B1",
              "versionEndExcluding": "16.1.4.1",
              "versionStartIncluding": "16.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_websafe:17.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AB23AE6-245E-43D6-B832-933F8259F937",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, and an iRule using the HTTP_REQUEST event or Local Traffic Policy are associated with the virtual server, undisclosed requests can cause TMM to terminate.\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
    },
    {
      "lang": "es",
      "value": "Cuando un perfil HTTP/2 del lado del cliente y la opci\u00f3n HTTP MRF Router est\u00e1n habilitadas para un servidor virtual, y una iRule que utiliza el evento HTTP_REQUEST o la Pol\u00edtica de Tr\u00e1fico Local est\u00e1 asociada con el servidor virtual, las solicitudes no divulgadas pueden provocar la finalizaci\u00f3n de TMM. Nota: Las versiones de software que han llegado al End of Technical Support (EoTS) no se eval\u00faan."
    }
  ],
  "id": "CVE-2023-40534",
  "lastModified": "2024-11-21T08:19:40.007",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "f5sirt@f5.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-10-10T13:15:20.730",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://my.f5.com/manage/s/article/K000133467"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://my.f5.com/manage/s/article/K000133467"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "f5sirt@f5.com",
      "type": "Primary"
    }
  ]
}

CVE-2023-40534 (GCVE-0-2023-40534)

Vulnerability from cvelistv5

Published

2023-10-10 12:32

Modified

2024-09-19 13:48

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-401 - Missing Release of Memory after Effective Lifetime

Summary

References

►

URL

Tags

https://my.f5.com/manage/s/article/K000133467

vendor-advisory

Impacted products

Vendor

Product

Version

►

BIG-IP

Version: 17.1.0 ≤
Version: 16.1.0 ≤

BIG-IP Next SPK

Version: 1.6.0 ≤

Show details on NVD website