Date Published: 2021-09-29
QID 375897: F5 BIG-IP Application Security Manager (ASM), Local Traffic Manager (LTM), Access Policy Manager (APM) Traffic Management Microkernel (TMM) Vulnerability (K30523121)
F5 BIG-IP ASM (Application Security Manager) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments.
F5 BIG-IP (LTM) Local Traffic Manager is the most popular module offered on F5 Networks BIG-IP platform. The real power of the LTM is it is a Full Proxy, allowing you to augment client and server side connections. All while making informed load balancing decisions on availability, performance, and persistence.
F5 BIG-IP Access Policy Manager (APM) is a secure, flexible, high-performance solution that provides unified global access to your network, cloud, and applications.
When a DNS profile using a DNS cache resolver is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. (CVE-2021-23034)
Vulnerable Component: BIG-IP ASM, APM, LTM
16.0.0 - 16.0.1
15.1.0 - 188.8.131.52
QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.
Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.
- K30523121 - support.f5.com/csp/article/K30523121
CVEs related to QID 375897