What is the severity of CVE-2021-23047?

CVE-2021-23047 has a high severity rating due to the potential for unauthorized requests during OCSP verification.

How do I fix CVE-2021-23047?

To fix CVE-2021-23047, upgrade your F5 Big-IP Access Policy Manager to the latest patched version available.

Which versions are affected by CVE-2021-23047?

CVE-2021-23047 affects multiple versions including 16.x before 16.1.0, and includes 15.1.x, 14.1.x, and earlier versions of F5 Big-IP APM.

What is Online Certificate Status Protocol (OCSP)?

Online Certificate Status Protocol (OCSP) is a protocol used to obtain the revocation status of an X.509 digital certificate.

Is CVE-2021-23047 a network vulnerability?

Yes, CVE-2021-23047 is considered a network vulnerability as it can be exploited through OCSP verification errors.

Vulnerability/
CVE-2021-23047

medium

5.3

CWE

400

14/9/2021

27/9/2021

CVE-2021-23047

First published: Tue Sep 14 2021(Updated: )

On version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, and all versions of 13.1.x, 12.1.x and 11.6.x, when BIG-IP APM performs Online Certificate Status Protocol (OCSP) verification of a certificate that contains Authority Information Access (AIA), undisclosed requests may cause an increase in memory use. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Credit: f5sirt@f5.com

Affected Software	Affected Version	How to fix
F5 Access Policy Manager	>=11.6.1<=11.6.5
F5 Access Policy Manager	>=12.1.0<=12.1.6
F5 Access Policy Manager	>=13.1.0<13.1.4
F5 Access Policy Manager	>=14.1.0<14.1.4.3
F5 Access Policy Manager	>=15.1.0<15.1.3.1
F5 Access Policy Manager	>=16.0.0<=16.0.1

Never miss a vulnerability like this again

Reference Links

https://support.f5.com/csp/article/K79428827

Frequently Asked Questions

What is the severity of CVE-2021-23047?
CVE-2021-23047 has a high severity rating due to the potential for unauthorized requests during OCSP verification.
How do I fix CVE-2021-23047?
To fix CVE-2021-23047, upgrade your F5 Big-IP Access Policy Manager to the latest patched version available.
Which versions are affected by CVE-2021-23047?
CVE-2021-23047 affects multiple versions including 16.x before 16.1.0, and includes 15.1.x, 14.1.x, and earlier versions of F5 Big-IP APM.
What is Online Certificate Status Protocol (OCSP)?
Online Certificate Status Protocol (OCSP) is a protocol used to obtain the revocation status of an X.509 digital certificate.
Is CVE-2021-23047 a network vulnerability?
Yes, CVE-2021-23047 is considered a network vulnerability as it can be exploited through OCSP verification errors.

agent/severity
agent/references
agent/weakness
agent/author
agent/tags
agent/type
agent/description
agent/event
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
collector/nvd-index
agent/software-canonical-lookup-request
vendor/f5
canonical/f5 access policy manager
version/f5 access policy manager/11.6.1
version/f5 access policy manager/11.6.5
version/f5 access policy manager/12.1.0
version/f5 access policy manager/12.1.6
version/f5 access policy manager/13.1.0
version/f5 access policy manager/14.1.0
version/f5 access policy manager/15.1.0
version/f5 access policy manager/16.0.0
version/f5 access policy manager/16.0.1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.