Rewterz Threat Advisory – CVE-2023-20073 – Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Vulnerability
February 2, 2023Rewterz Threat Advisory – CVE-2023-20068 – Cisco Prime Infrastructure Vulnerability
February 2, 2023Rewterz Threat Advisory – CVE-2023-20073 – Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Vulnerability
February 2, 2023Rewterz Threat Advisory – CVE-2023-20068 – Cisco Prime Infrastructure Vulnerability
February 2, 2023Severity
High
Analysis Summary
CVE-2023-22842 CVSS:7.5
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when a SIP profile is configured on a Message Routing type virtual server. By sending a specially-crafted traffic, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate, and results in a denial of service condition.
CVE-2023-22323 CVSS:7.5
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when OCSP authentication profile is configured on a virtual server. By sending specially-crafted requests, a remote attacker could exploit this vulnerability to cause an increase in CPU resource utilization, and results in a denial of service condition.
CVE-2023-22281 CVSS:7.5
F5 BIG-IP (AFM) is vulnerable to a denial of service, caused by a flawwhen NAT policy with a destination NAT rule is configured on a FastL4 virtual server. By sending a specially-crafted traffic, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate, and results in a denial of service condition.
CVE-2023-22422 CVSS:7.5
F5 BIG-IP is vulnerable to a denial of service, caused by a HTTP profile vulnerability. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate.
CVE-2023-22358 CVSS:6.6
F5 BIG-IP (APM) could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper loading of Dynamic Link Libraries by the installer. By using a specially-crafted .DLL file, an authenticated attacker could exploit this vulnerability to gain administrative privileges.
CVE-2023-22664 CVSS:7.5
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server. By sending specially-crafted requests, a remote attacker could exploit this vulnerability to cause an increase in memory resource utilization, and results in a denial of service condition.
CVE-2023-22340 CVSS:7.5
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw when a SIP profile is configured on a Message Routing type virtual server. By sending a specially-crafted traffic, a remote attacker could exploit this vulnerability to cause TMM to terminate, and results in a denial of service condition.
CVE-2023-22341 CVSS:7.5
F5 BIG-IP (APM) is vulnerable to a denial of service, caused by a flaw in the OAuth profile configurations By sending specially-crafted requests, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate, and results in a denial of service condition.
CVE-2023-23555 CVSS:7.5
F5 BIG-IP is vulnerable to a denial of service, caused by a flaw in BIG-IP Virtual Edition. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the Traffic Management Microkernel (TMM) to terminate.
CVE-2023-23552 CVSS:7.5
F5 BIG-IP (ASM) is vulnerable to a denial of service, caused by a flaw when a BIG-IP Advanced WAF or BIG-IP ASM security policy is configured on a virtual server. By sending specially-crafted requests, a remote attacker could exploit this vulnerability to cause an increase in memory resource utilization, and results in a denial of service condition.
CVE-2023-22374 CVSS:7.5
F5 BIG-IP could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a format string flaw in the iControl SOAP. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code or crash the iControl SOAP CGI process on the system.
Impact
- Code Execution
- Privilege Escalation
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2023-22842
- CVE-2023-22323
- CVE-2023-22281
- CVE-2023-22422
- CVE-2023-22358
- CVE-2023-22664
- CVE-2023-22340
- CVE-2023-22341
- CVE-2023-23555
- CVE-2023-23552
- CVE-2023-22374
Affected Vendors
F5
Affected Products
- F5 BIG-IP 14.1.0
- F5 BIG-IP 13.1.0
- F5 BIG-IP (AFM) 15.1.0
- F5 BIG-IP (AFM) 14.1.0
- F5 BIG-IP (AFM) 13.1.0
- F5 BIG-IP 15.1.0
- F5 BIG-IP 16.1.0
- F5 BIG-IP (AFM) 16.1.0
- F5 BIG-IP 13.1.5
- F5 BIG-IP 16.1.3
- F5 BIG-IP 14.1.5
- F5 BIG-IP 17.0.0
- F5 BIG-IP (AFM) 16.1.3
- F5 BIG-IP 15.1.8
- F5 BIG-IP (AFM) 17.0.0
- F5 BIG-IP (AFM) 15.1.7
- F5 BIG-IP (AFM) 14.1.5
- F5 BIG-IP (AFM) 13.1.5
- F5 BIG-IP SPK 1.6.0
- F5 BIG-IP SPK 1.5
- F5 BIG-IP 16.1.2.2
- F5 BIG-IP 15.1.5.1
- F5 BIG-IP 14.1.4.6
Remediation
Refer to F5 Security Advisory for patch, upgrade or suggested workaround information.