Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
f5F5F5:K37451543
HistoryMar 19, 2021 - 12:00 a.m.

K37451543 : TMM vulnerability CVE-2021-23007

2021-03-1900:00:00
my.f5.com
15

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.5%

JSON

Security Advisory Description

When the Traffic Management Microkernel (TMM) process handles certain undisclosed traffic, it may start dropping all fragmented IP traffic. (CVE-2021-23007)

Impact

TMM incorrectly determines that the fragment memory limit has been reached and drops all fragments it receives, disrupting traffic to the BIG-IP system.

You can determine if your system is impacted by running the tmctl ip_stat command from the BIG-IP command line and reviewing the output for an unusually large value in thefrag_bytes_used column for a given TMM. You may observe that some TMM processes have high values and others do not. For example:

   rx_frag rx_frag_dropped err_frag_mem_limit_reached      frag_bytes_used
  -------- --------------- -------------------------- --------------------
  46406517             508                          0                    0

   rx_frag rx_frag_dropped err_frag_mem_limit_reached      frag_bytes_used
  -------- --------------- -------------------------- --------------------
  44739031             217                          0                    0

   rx_frag rx_frag_dropped err_frag_mem_limit_reached      frag_bytes_used
  -------- --------------- -------------------------- --------------------
  39322744         8404728                    8404628 18446744073709547072

   rx_frag rx_frag_dropped err_frag_mem_limit_reached      frag_bytes_used
  -------- --------------- -------------------------- --------------------
  33528060        15659496                   15659334 18446744073709547072

   rx_frag rx_frag_dropped err_frag_mem_limit_reached      frag_bytes_used
  -------- --------------- -------------------------- --------------------
  46712180             157                          0                    0

   rx_frag rx_frag_dropped err_frag_mem_limit_reached      frag_bytes_used
  -------- --------------- -------------------------- --------------------
  38912369        10588696                   10588558 18446744073709547072

Related

cve 1
f5 31
nvd 1
nessus 1
cvelist 1
prion 1
cve
cve
CVE-2021-23007
2021-03-31 18:15:15
f5
f5
K23022557 : The BIG-IP system may respond with the NXDOMAIN status when it receives a DNS query of a certain type on a CNAME wide IP
2017-03-06 00:00:00
K88162221 : The BIG-IP ASM system may not properly perform signature checks on cookies
2021-02-10 00:00:00
K31934524 : BIG-IP SNAT vulnerability CVE-2021-22998
2021-03-10 00:00:00
nvd
nvd
CVE-2021-23007
2021-03-31 18:15:15
nessus
nessus
F5 Networks BIG-IP : TMM vulnerability (K37451543)
2021-04-01 00:00:00
cvelist
cvelist
CVE-2021-23007
2021-03-31 17:43:02
prion
prion
Code injection
2021-03-31 18:15:00

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.5%

JSON
Related for F5:K37451543
cve1f531nvd1nessus1cvelist1prion1