F5-K43881487
First published: Wed Feb 01 2023(Updated: )
When an HTTP profile with the non-default Enforcement options Enforce RFC Compliance and Unknown Methods: Reject are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 BIG-IP | =17.0.0 | 17.1.0 |
| F5 BIG-IP | >=16.1.0<=16.1.3 | 16.1.3.3 |
| F5 BIG-IP |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of F5-K43881487?
The F5-K43881487 vulnerability is considered critical due to its potential to terminate the Traffic Management Microkernel.
How do I fix F5-K43881487?
To fix F5-K43881487, update your F5 BIG-IP to the recommended versions specified in the advisory.
What causes the F5-K43881487 vulnerability?
F5-K43881487 is caused by misconfigurations in HTTP profile settings that reject unknown methods.
Is my system affected by F5-K43881487?
If you are using F5 BIG-IP versions 17.0.0, 16.1.3, or any earlier version, your system may be affected by F5-K43881487.
What are the implications of F5-K43881487?
Exploitation of F5-K43881487 may lead to unexpected system outages due to the termination of the TMM.
- agent/references
- agent/severity
- agent/last-modified-date
- agent/first-publish-date
- agent/type
- agent/description
- agent/softwarecombine
- agent/event
- agent/source
- agent/tags
- collector/f5-advisory
- source/F5
- alias/CVE-2023-22422
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/f5
- canonical/f5 big-ip
- version/f5 big-ip/17.0.0
- version/f5 big-ip/16.1.0
- version/f5 big-ip/16.1.3