QID 376068

QID 376068: F5 BIG-IP Application Security Manager (ASM), Local Traffic Manager (LTM), Access Policy Manager (APM) Traffic Management Microkernel (TMM) Vulnerability (K70415522)

When an HTTP profile is configured on a virtual server, after a specific sequence of packets, chunked responses can cause the Traffic Management Microkernel (TMM) to terminate.CVE-2021-23035

Vulnerable Component: BIG-IP ASM,LTM,APM

Affected Versions:
14.1.0 - 14.1.4

QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.

Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.

  • CVSS V3 rated as High - 7.5 severity.
  • CVSS V2 rated as High - 7.1 severity.
  • Solution
    The vendor has released patch, for more information please visit: K70415522
    Vendor References

    CVEs related to QID 376068

    Software Advisories
    Advisory ID Software Component Link
    K70415522 URL Logo support.f5.com/csp/article/K70415522