CVE-2020-5921: in BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, Syn flood causes large number of…

high7.5CVSS 3.1

AVNACLPRNUINSUCNINAH

in BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, Syn flood causes large number of MCPD context messages destined to secondary blades consuming memory leading to MCPD failure. This issue affects only VIPRION hosts with two or more blades installed. Single-blade VIPRION hosts are not affected.

Affected

56 ranges· showing 25

Vendor	Product	Version range	Fixed in
f5	big-ip_aam	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	>= 12.1.0 < 12.1.5.2	12.1.5.2
f5	big-ip_access_policy_manager	>= 14.1.0 < 14.1.2.7	14.1.2.7
f5	big-ip_access_policy_manager	>= 15.0.0 < 15.0.1.4	15.0.1.4
f5	big-ip_access_policy_manager	>= 15.1.0 < 15.1.0.5	15.1.0.5
f5	big-ip_advanced_firewall_manager	>= 12.1.0 < 12.1.5.2	12.1.5.2
f5	big-ip_advanced_firewall_manager	>= 14.1.0 < 14.1.2.7	14.1.2.7
f5	big-ip_advanced_firewall_manager	>= 15.0.0 < 15.0.1.4	15.0.1.4
f5	big-ip_advanced_firewall_manager	>= 15.1.0 < 15.1.0.5	15.1.0.5
f5	big-ip_afm	—	—
f5	big-ip_analytics	—	—
f5	big-ip_analytics	>= 12.1.0 < 12.1.5.2	12.1.5.2
f5	big-ip_analytics	>= 14.1.0 < 14.1.2.7	14.1.2.7
f5	big-ip_analytics	>= 15.0.0 < 15.0.1.4	15.0.1.4
f5	big-ip_analytics	>= 15.1.0 < 15.1.0.5	15.1.0.5
f5	big-ip_apm	—	—
f5	big-ip_application_acceleration_manager	>= 12.1.0 < 12.1.5.2	12.1.5.2
f5	big-ip_application_acceleration_manager	>= 14.1.0 < 14.1.2.7	14.1.2.7
f5	big-ip_application_acceleration_manager	>= 15.0.0 < 15.0.1.4	15.0.1.4
f5	big-ip_application_acceleration_manager	>= 15.1.0 < 15.1.0.5	15.1.0.5
f5	big-ip_application_security_manager	>= 12.1.0 < 12.1.5.2	12.1.5.2
f5	big-ip_application_security_manager	>= 14.1.0 < 14.1.2.7	14.1.2.7
f5	big-ip_application_security_manager	>= 15.0.0 < 15.0.1.4	15.0.1.4
f5	big-ip_application_security_manager	>= 15.1.0 < 15.1.0.5	15.1.0.5