CVE-2023-40534

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 10, 2023

Updated: Oct 19, 2023

CWE ID 401

Summary

CVE-2023-40534 is a vulnerability affecting virtual servers with enabled HTTP/2 profiles and the HTTP MRF Router option. When a client sends undisclosed requests to such servers and an iRule or Local Traffic Policy is associated, the Traffic Management Microservices (TMM) component may terminate unexpectedly. This issue does not impact software versions that have reached End of Technical Support.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

F5 BIG-IP Advanced Firewall Manager
F5 Big-ip Link Controller
F5 Big-IP Policy Enforcement Manager (PEM)
F5 ASM
F5 BIG-IP APM

Affected Vendors

F5 Networks

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s5tOxL
https://www.cve.org/CVERecord?id=CVE-2023-40534
https://nvd.nist.gov/vuln/detail/CVE-2023-40534

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners