Traffic Management Microkernel Issue in F5 BIG-IP APM
CVE-2020-27723

7.5HIGH

Key Information:

Vendor: F5
Status: Big-ip Apm
Vendor: CVE Published:; 24 December 2020

What is CVE-2020-27723?

In specific versions of F5's BIG-IP APM, a processing flaw in the management of PingAccess requests could inadvertently trigger a restart of the Traffic Management Microkernel (TMM). This may result in service disruptions and affect the overall performance of applications utilizing the BIG-IP network platform. It is advisable for users of the affected versions to implement necessary updates and patches to safeguard their systems against potential disruptions.

Affected Version(s)

BIG-IP APM 14.1.0-14.1.3, 13.1.0-13.1.3.4

References

https://support.f5.com/csp/article/K42933418

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 24, 2020
Vulnerability Reserved
Oct 26, 2020