QID 378980

Date Published: 2023-10-31

QID 378980: F5 BIG-IP Multiple Vulnerabilities (K41072952,K29141800,K000134652,K000132420,K26910459)

When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions utilizing BIG-IP external monitor on a BIG-IP system. A successful exploit can allow the attacker to cross a security boundary. (CVE-2023-43746)
An authenticated user's session cookie may remain valid for a limited time after logging out from the BIG-IP Configuration utility on a multi-blade VIPRION platform. (CVE-2023-40537)
When TCP Verified Accept is enabled on a TCP profile that is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. (CVE-2023-40542)
When IPsec is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. (CVE-2023-41085)
When a non-admin user has been assigned an administrator role via an iControl REST PUT request and later the user's role is reverted to a non-admin role via the Configuration utility, tmsh, or iControl REST, the BIG-IP non-admin user can still access the iControl REST admin resource. (CVE-2023-42768)

Vulnerable Component: BIG-IP All Modules

Affected Versions:
Prior to 17.1.0
16.1.0 - 16.1.3
15.1.0 - 15.1.8
14.1.0 - 14.1.5
13.1.0 - 13.1.5

QID Detection Logic (Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.
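The version check this QID describes, as an added example that is not Qualys's or F5's own code: it parses the Main Package version from `tmsh show sys version` output (the sample output below is constructed, not captured from a device) and compares it against the affected ranges listed above. The blanket "Prior to 17.1.0" entry is interpreted here as covering every branch that has no explicit upper bound; a version-only check like this cannot see engineering hotfixes, so treat a hit as a prompt to confirm against the K-articles rather than as proof of exposure.

```python
import re

# Inclusive upper bounds of the branch ranges listed in this QID.
# Branches without an entry fall under the blanket "prior to 17.1.0" rule.
BRANCH_UPPER_BOUND = {
    (16, 1): (16, 1, 3),
    (15, 1): (15, 1, 8),
    (14, 1): (14, 1, 5),
    (13, 1): (13, 1, 5),
}
FIXED_FROM = (17, 1, 0)

# Constructed sample of `tmsh show sys version` output (not from a real device).
SAMPLE_TMSH_OUTPUT = """\
Sys::Version
Main Package
  Product     BIG-IP
  Version     16.1.3
  Build       0.0.12
  Edition     Final
  Date        Mon Jul 18 11:39:44 PDT 2022
"""


def parse_version(tmsh_output: str) -> tuple:
    """Return the Main Package version as an (major, minor, patch) int tuple."""
    m = re.search(r"^\s*Version\s+(\d+)\.(\d+)\.(\d+)", tmsh_output, re.MULTILINE)
    if not m:
        raise ValueError("no Version line found in tmsh output")
    return tuple(int(x) for x in m.groups())


def is_affected(version: tuple) -> bool:
    """Version-only check against the ranges this QID lists (hotfixes ignored)."""
    if version >= FIXED_FROM:
        return False
    upper = BRANCH_UPPER_BOUND.get(version[:2])
    if upper is not None and version > upper:
        return False  # e.g. 16.1.4 lies above the listed 16.1.0 - 16.1.3 range
    return True  # inside a listed range, or prior to 17.1.0 with no branch bound


def check(tmsh_output: str) -> dict:
    """Parse tmsh output and report the version together with the verdict."""
    v = parse_version(tmsh_output)
    return {"version": ".".join(map(str, v)), "affected": is_affected(v)}


if __name__ == "__main__":
    print(check(SAMPLE_TMSH_OUTPUT))  # {'version': '16.1.3', 'affected': True}
```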

Successful exploit may impact confidentiality, integrity and availability.

  • CVSS V3 rated as Critical - 8.7 severity.
  • CVSS V2 rated as High - 6.8 severity.
  • Solution
    The vendor has released patches; for more information, please visit: K41072952 K29141800 K000134652 K000132420 K26910459
    Software Advisories
    Advisory ID   Link
    K000132420    my.f5.com/manage/s/article/K000132420
    K000134652    my.f5.com/manage/s/article/K000134652
    K26910459     my.f5.com/manage/s/article/K26910459
    K29141800     my.f5.com/manage/s/article/K29141800
    K41072952     my.f5.com/manage/s/article/K41072952