Description
In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, and all versions of BIG-IQ 8.x, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP or BIG-IQ on Amazon Web Services (AWS) systems, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Successful exploitation relies on conditions outside of the attacker's control. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Affected products
- F5 / BIG-IP13.1.0 – 13.1.x*
- F5 / BIG-IP14.1.0 – 14.1.x*
- F5 / BIG-IP15.1.x – 15.1.6.1
- F5 / BIG-IP16.1.x – 16.1.3.1
- F5 / BIG-IP17.0.0 – 17.0.x*
- F5 / BIG-IQ Centralized Management7.0.0 – 7.x*
- F5 / BIG-IQ Centralized Management8.0.0 – 8.x*