CVE-2023-23555: 
F5 BIG-IP Advanced Firewall Manager vulnerability analysis and mitigation

A vulnerability identified as CVE-2023-23555 affects BIG-IP Virtual Edition versions 15.1.4 to 15.1.8 and 14.1.5 to 14.1.5.3, as well as BIG-IP SPK versions 1.5.0 to 1.6.0. The vulnerability is present when a FastL4 profile is configured on a virtual server, where undisclosed traffic can trigger a termination of the Traffic Management Microkernel (TMM). This vulnerability was assigned by F5 Networks and has been given a CVSS v3.1 base score of 7.5 (HIGH) (NVD).

The vulnerability is classified as CWE-665 (Improper Initialization) and received a CVSS v3.1 vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. This indicates that the vulnerability can be exploited over the network, requires low attack complexity, needs no privileges or user interaction, and primarily impacts system availability (NVD).

When successfully exploited, this vulnerability can cause the Traffic Management Microkernel (TMM) to terminate, potentially leading to service disruption. The CVSS scoring indicates high impact on availability while confidentiality and integrity remain unaffected (NVD).

Organizations should upgrade to versions 15.1.8 or 14.1.5.3 or later, depending on their current version track. It's important to note that software versions which have reached End of Technical Support (EoTS) are not evaluated for this vulnerability (F5 Advisory).