Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
0

CVE-2023-22839

Disclosure Date: February 01, 2023
CVE-2023-22839 CVSS v3 Base Score: 7.5
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
7.5 High
Impact Score:
3.6
Exploitability Score:
3.9
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
None
Integrity (I):
None
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
BIG-IP 17.0.0
BIG-IP 16.1.0
BIG-IP 15.1.0
BIG-IP 14.1.0
BIG-IP 13.1.0
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • f5

Products

  • big-ip 10000s firmware -,
  • big-ip 10200v firmware -,
  • big-ip 10200v-ssl firmware -,
  • big-ip 12000 firmware -,
  • big-ip 5000s firmware -,
  • big-ip 5200v firmware -,
  • big-ip 5200v-ssl firmware -,
  • big-ip 7000s firmware -,
  • big-ip 7200v firmware -,
  • big-ip 7200v-ssl firmware -,
  • big-ip domain name system,
  • big-ip i10600 firmware -,
  • big-ip i10800 firmware -,
  • big-ip i11600 firmware -,
  • big-ip i11800 firmware -,
  • big-ip i15600 firmware -,
  • big-ip i15800 firmware -,
  • big-ip i5600 firmware -,
  • big-ip i5800 firmware -,
  • big-ip i7600 firmware -,
  • big-ip i7800 firmware -,
  • big-ip local traffic manager,
  • r10600 firmware -,
  • r10800 firmware -,
  • r10900 firmware -,
  • r5600 firmware -,
  • r5800 firmware -,
  • r5900 firmware -,
  • velos bx110 firmware -,
  • viprion b2100 firmware -,
  • viprion b2150 firmware -,
  • viprion b2250 firmware -,
  • viprion b4300 firmware -,
  • viprion b4450 firmware -

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis