Be in love with vulnerability scanning

Mageni is a powerful and easy vulnerability scanner used by companies of all sizes. You will be in love with Mageni's powerful features, ease of use and price. Free for 7-days then $39 monthly for infinite IPs.

Start now 

No Contracts, Cancel at Anytime and 7-days Money-Back Guarantee.

App screenshot

CVE-2021-23051

CVE information

Published

9 months ago

Last Modified

9 months ago

CVSSv2.0 Severity

Medium

CVSSv3.1 Severity

High

Impact Analysis

Description

On BIG-IP versions 15.1.0.4 through 15.1.3, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP on Amazon Web Services (AWS) systems, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. This is due to an incomplete fix for CVE-2020-5862. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated..

CVSSv2.0 Score

Severity
Medium
Base Score
5/10
Exploit Score
10/10
Access Vector
Network
Access Complexity
Low
Authentication Required
None
Impact Score
2.9/10
Confidentiality Impact
None
Availability Impact
Partial
Integrity Impact
None

CVSSv3.1 Score

Severity
High
Base Score
7.5/10
Exploit Score
3.9/10
Access Vector
Network
Access Complexity
Low
Privileges Required
None
Impact Score
3.6/10
Confidentiality Impact
None
Availability Impact
High
Integrity Impact
None
Scope
Unchanged
User Interaction
None

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
  Yes
15.1.0.4 15.1.3.1
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:
  Yes
15.1.0.4 15.1.3.1
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:
  Yes
15.1.0.4 15.1.3.1
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
  Yes
15.1.0.4 15.1.3.1
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*
  Yes
15.1.0.4 15.1.3.1
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*
  Yes
15.1.0.4 15.1.3.1
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
  Yes
15.1.0.4 15.1.3.1
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
  Yes
15.1.0.4 15.1.3.1
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
  Yes
15.1.0.4 15.1.3.1
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
  Yes
15.1.0.4 15.1.3.1
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
  Yes
15.1.0.4 15.1.3.1

Every 11 seconds there is a ransomware attack.

Mageni can help you manage this threat by understanding your vulnerabilities and prioritizing the remediation.

Sign up for free