CyberSec.Space Logo
Back to CVE Browser

CVE-2021-23032

HIGH
7.5
CVSS Severity Score
EPSS Score0.1880%
EPSS Percentile31.39th
PublishedSep 14, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

On version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x and 12.1.x, when a BIG-IP DNS system is configured with non-default Wide IP and pool settings, undisclosed DNS responses can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected Platforms (CPE)

πŸ“¦
F5

Big Ip Domain Name System

>= 12.1.0 and <= 12.1.6
πŸ“¦
F5

Big Ip Domain Name System

>= 13.1.0 and <= 13.1.4
πŸ“¦
F5

Big Ip Domain Name System

>= 14.1.0 and < 14.1.4.4
πŸ“¦
F5

Big Ip Domain Name System

>= 15.1.0 and < 15.1.3.1
πŸ“¦
F5

Big Ip Domain Name System

>= 16.0.0 and < 16.1.0

References & Advisories

πŸ”— https://support.f5.com/csp/article/K45407662
πŸ”— https://support.f5.com/csp/article/K45407662

Related Vulnerabilities

CVE-2021-021110.0

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon ...

CVE-2021-2124310.0

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deser...

CVE-2021-3467910.0

Thycotic Password Reset Server before 5.3.0 allows credential disclosure.

CVE-2021-2124410.0

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, There is a vulnerability that enabled pre-auth server sid...