CVE-2021-23047
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
On version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, and all versions of 13.1.x, 12.1.x and 11.6.x, when BIG-IP APM performs Online Certificate Status Protocol (OCSP) verification of a certificate that contains Authority Information Access (AIA), undisclosed requests may cause an increase in memory use. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
En versiones 16.x anteriores a 16.1.0, versiones 15.1.x anteriores a 15.1.3.1, versiones 14.1.x anteriores a 14.1.4.3, y todas las versiones de 13.1.x, 12.1.x y 11.6.x, cuando BIG-IP APM lleva a cabo una comprobación del Online Certificate Status Protocol (OCSP) de un certificado que contiene Authority Information Access (AIA), las peticiones no divulgadas pueden causar un aumento del uso de memoria. Nota: Las versiones de software que han alcanzado End of Technical Support (EoTS) no son evaluadas
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-01-06 CVE Reserved
- 2021-09-14 CVE Published
- 2024-08-03 CVE Updated
- 2025-04-21 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://support.f5.com/csp/article/K79428827 | 2021-09-27 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
F5 Search vendor "F5" | Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager" | >= 11.6.1 <= 11.6.5 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 11.6.1 <= 11.6.5" | - |
Affected
| ||||||
F5 Search vendor "F5" | Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager" | >= 12.1.0 <= 12.1.6 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 12.1.0 <= 12.1.6" | - |
Affected
| ||||||
F5 Search vendor "F5" | Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager" | >= 13.1.0 < 13.1.4 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 13.1.0 < 13.1.4" | - |
Affected
| ||||||
F5 Search vendor "F5" | Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager" | >= 14.1.0 < 14.1.4.3 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 14.1.0 < 14.1.4.3" | - |
Affected
| ||||||
F5 Search vendor "F5" | Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager" | >= 15.1.0 < 15.1.3.1 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 15.1.0 < 15.1.3.1" | - |
Affected
| ||||||
F5 Search vendor "F5" | Big-ip Access Policy Manager Search vendor "F5" for product "Big-ip Access Policy Manager" | >= 16.0.0 <= 16.0.1 Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 16.0.0 <= 16.0.1" | - |
Affected
|