Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2021-23051
CVE-2021-23051:
F5 BIG-IP Advanced Firewall Manager vulnerability analysis and mitigation
Overview
CVE-2021-23051 affects BIG-IP versions 15.1.0.4 through 15.1.3 when using the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver with BIG-IP on Amazon Web Services (AWS) systems. This vulnerability is related to an incomplete fix for CVE-2020-5862 (MITRE).
Technical details
The vulnerability occurs when undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. This specifically affects systems using the DPDK/ENA driver configuration in AWS environments (CERT-FR).
Impact
When exploited, this vulnerability can lead to a denial of service condition by causing the Traffic Management Microkernel (TMM) to terminate, potentially disrupting the normal operation of affected BIG-IP systems (CERT-FR).
Mitigation and workarounds
The vulnerability has been addressed in versions after BIG-IP 15.1.3. Organizations are advised to upgrade to a patched version to mitigate this vulnerability. Software versions which have reached End of Technical Support (EoTS) are not evaluated (MITRE).
Additional resources
Source: This report was generated using AI
Related F5 BIG-IP Advanced Firewall Manager vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management