CyberSec.Space Logo
CVEブラウザに戻る

CVE-2021-23013

HIGH
7.5
CVSS Severity Score
EPSS Score0.1430%
EPSS Percentile29.93th
Published2021年5月10日
Last Modified2024年11月21日

Vulnerability Description

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3, the Traffic Management Microkernel (TMM) may stop responding when processing Stream Control Transmission Protocol (SCTP) traffic under certain conditions. This vulnerability affects TMM by way of a virtual server configured with an SCTP profile. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected Platforms (CPE)

📦
F5

Big Ip Access Policy Manager

>= 12.1.0 and < 12.1.5.3
📦
F5

Big Ip Access Policy Manager

>= 13.1.0 and < 13.1.4
📦
F5

Big Ip Access Policy Manager

>= 14.1.0 and < 14.1.4
📦
F5

Big Ip Access Policy Manager

>= 15.1.0 and < 15.1.3
📦
F5

Big Ip Access Policy Manager

>= 16.0.0 and < 16.0.1.1
📦
F5

Big Ip Advanced Firewall Manager

>= 12.1.0 and < 12.1.5.3
📦
F5

Big Ip Advanced Firewall Manager

>= 13.1.0 and < 13.1.4
📦
F5

Big Ip Advanced Firewall Manager

>= 14.1.0 and < 14.1.4
📦
F5

Big Ip Advanced Firewall Manager

>= 15.1.0 and < 15.1.3
📦
F5

Big Ip Advanced Firewall Manager

>= 16.0.0 and < 16.0.1.1
📦
F5

Big Ip Advanced Web Application Firewall

>= 12.1.0 and < 12.1.5.3
📦
F5

Big Ip Advanced Web Application Firewall

>= 13.1.0 and < 13.1.4
📦
F5

Big Ip Advanced Web Application Firewall

>= 14.1.0 and < 14.1.4
📦
F5

Big Ip Advanced Web Application Firewall

>= 15.1.0 and < 15.1.3
📦
F5

Big Ip Advanced Web Application Firewall

>= 16.0.0 and < 16.0.1.1
📦
F5

Big Ip Analytics

>= 12.1.0 and < 12.1.5.3
📦
F5

Big Ip Analytics

>= 13.1.0 and < 13.1.4
📦
F5

Big Ip Analytics

>= 14.1.0 and < 14.1.4
📦
F5

Big Ip Analytics

>= 15.1.0 and < 15.1.3
📦
F5

Big Ip Analytics

>= 16.0.0 and < 16.0.1.1
📦
F5

Big Ip Application Acceleration Manager

>= 12.1.0 and < 12.1.5.3
📦
F5

Big Ip Application Acceleration Manager

>= 13.1.0 and < 13.1.4
📦
F5

Big Ip Application Acceleration Manager

>= 14.1.0 and < 14.1.4
📦
F5

Big Ip Application Acceleration Manager

>= 15.1.0 and < 15.1.3
📦
F5

Big Ip Application Acceleration Manager

>= 16.0.0 and < 16.0.1.1
📦
F5

Big Ip Application Security Manager

>= 12.1.0 and < 12.1.5.3
📦
F5

Big Ip Application Security Manager

>= 13.1.0 and < 13.1.4
📦
F5

Big Ip Application Security Manager

>= 14.1.0 and < 14.1.4
📦
F5

Big Ip Application Security Manager

>= 15.1.0 and < 15.1.3
📦
F5

Big Ip Application Security Manager

>= 16.0.0 and < 16.0.1.1
📦
F5

Big Ip Ddos Hybrid Defender

>= 12.1.0 and < 12.1.5.3
📦
F5

Big Ip Ddos Hybrid Defender

>= 13.1.0 and < 13.1.4
📦
F5

Big Ip Ddos Hybrid Defender

>= 14.1.0 and < 14.1.4
📦
F5

Big Ip Ddos Hybrid Defender

>= 15.1.0 and < 15.1.3
📦
F5

Big Ip Ddos Hybrid Defender

>= 16.0.0 and < 16.0.1.1
📦
F5

Big Ip Domain Name System

>= 12.1.0 and < 12.1.5.3
📦
F5

Big Ip Domain Name System

>= 13.1.0 and < 13.1.4
📦
F5

Big Ip Domain Name System

>= 14.1.0 and < 14.1.4
📦
F5

Big Ip Domain Name System

>= 15.1.0 and < 15.1.3
📦
F5

Big Ip Domain Name System

>= 16.0.0 and < 16.0.1.1
📦
F5

Big Ip Fraud Protection Service

>= 12.1.0 and < 12.1.5.3
📦
F5

Big Ip Fraud Protection Service

>= 13.1.0 and < 13.1.4
📦
F5

Big Ip Fraud Protection Service

>= 14.1.0 and < 14.1.4
📦
F5

Big Ip Fraud Protection Service

>= 15.1.0 and < 15.1.3
📦
F5

Big Ip Fraud Protection Service

>= 16.0.0 and < 16.0.1.1
📦
F5

Big Ip Global Traffic Manager

>= 12.1.0 and < 12.1.5.3
📦
F5

Big Ip Global Traffic Manager

>= 13.1.0 and < 13.1.4
📦
F5

Big Ip Global Traffic Manager

>= 14.1.0 and < 14.1.4
📦
F5

Big Ip Global Traffic Manager

>= 15.1.0 and < 15.1.3
📦
F5

Big Ip Global Traffic Manager

>= 16.0.0 and < 16.0.1.1
📦
F5

Big Ip Link Controller

>= 12.1.0 and < 12.1.5.3
📦
F5

Big Ip Link Controller

>= 13.1.0 and < 13.1.4
📦
F5

Big Ip Link Controller

>= 14.1.0 and < 14.1.4
📦
F5

Big Ip Link Controller

>= 15.1.0 and < 15.1.3
📦
F5

Big Ip Link Controller

>= 16.0.0 and < 16.0.1.1
📦
F5

Big Ip Local Traffic Manager

>= 12.1.0 and < 12.1.5.3
📦
F5

Big Ip Local Traffic Manager

>= 13.1.0 and < 13.1.4
📦
F5

Big Ip Local Traffic Manager

>= 14.1.0 and < 14.1.4
📦
F5

Big Ip Local Traffic Manager

>= 15.1.0 and < 15.1.3
📦
F5

Big Ip Local Traffic Manager

>= 16.0.0 and < 16.0.1.1
📦
F5

Big Ip Policy Enforcement Manager

>= 12.1.0 and < 12.1.5.3
📦
F5

Big Ip Policy Enforcement Manager

>= 13.1.0 and < 13.1.4
📦
F5

Big Ip Policy Enforcement Manager

>= 14.1.0 and < 14.1.4
📦
F5

Big Ip Policy Enforcement Manager

>= 15.1.0 and < 15.1.3
📦
F5

Big Ip Policy Enforcement Manager

>= 16.0.0 and < 16.0.1.1
📦
F5

Big Ip Ssl Orchestrator

>= 12.1.0 and < 12.1.5.3
📦
F5

Big Ip Ssl Orchestrator

>= 13.1.0 and < 13.1.4
📦
F5

Big Ip Ssl Orchestrator

>= 14.1.0 and < 14.1.4
📦
F5

Big Ip Ssl Orchestrator

>= 15.1.0 and < 15.1.3
📦
F5

Big Ip Ssl Orchestrator

>= 16.0.0 and < 16.0.1.1

References & Advisories

🔗 https://support.f5.com/csp/article/K04234247
🔗 https://support.f5.com/csp/article/K05300051
🔗 https://support.f5.com/csp/article/K04234247

関連する脆弱性情報

CVE-2019-66659.4

On BIG-IP ASM 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, BIG-IQ 6.0.0 and 5.2.0-5.4.0, iWorkflow 2.3.0, and...

CVE-2015-80227.5

The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x ...

CVE-2019-65956.1

Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access Policy Manager (APM) 11.5.x and 11.6.x Admin Web UI.

CVE-2016-14974.9

The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5....