QID 376074
Date Published: 2021-11-22
QID 376074: F5 BIG-IP Application Security Manager (ASM), Local Traffic Manager (LTM), Access Policy Manager (APM) Intel processor Vulnerabilities (K41043270)
Observable response discrepancy in floating-point operations for some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.CVE-2021-0086
Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.CVE-2021-0089
Vulnerable Component: BIG-IP ASM,LTM,APM
Affected Versions:
16.0.0 - 16.1.0
15.1.0 - 15.1.3
14.1.0 - 14.1.4
13.1.0 - 13.1.4
12.1.0 - 12.1.6
11.6.1 - 11.6.5
Note: QID is marked potential due to extra checks we cannot verify. The vulnerability lies in Intel processor which is something we cannot verify
QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.
All versions of Virtual Edition (VE) for the BIG-IP and BIG-IQ products are potentially impacted if the processors underlying the VE installations are affected. Microcode updates from Intel are available to address this issue but must be applied at the hardware level, which is outside the scope of the ability of F5 to support or patch.
- K41043270 -
support.f5.com/csp/article/K41043270
CVEs related to QID 376074
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| K41043270 |
support.f5.com/csp/article/K41043270 |