CVE-2023-40542 — Allocation of Resources Without Limits or Throttling in F5 Big-ip
Severity
7.5HIGHNVD
EPSS
0.6%
top 31.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 10
Description
When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6
Affected Packages20 packages
🔴Vulnerability Details
2📋Vendor Advisories
1F5▶
CVE-2023-40542: When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can...↗2023-10-10