CVE-2020-5921

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions 11.6.1 through 11.6.5.2 F5 BIG-IP versions 12.1.0 through 12.1.5.1 F5 BIG-IP versions 13.1.0 through 13.1.3.4 F5 BIG-IP versions 14.1.0 through 14.1.2.6 F5 BIG-IP versions 15.0.0 through 15.0.1.3 F5 BIG-IP versions 15.1.0 through 15.1.0.4

Description The issue is caused by a Syn flood, leading to a large number of MCPD context messages being sent to secondary blades, consuming memory, and resulting in MCPD failure. This issue specifically affects VIPRION hosts with two or more blades installed, while single-blade VIPRION hosts are not affected.

Recommendations For versions 11.6.1 through 11.6.5.2, update to a version outside of this range to resolve the issue. For versions 12.1.0 through 12.1.5.1, update to a version outside of this range to resolve the issue. For versions 13.1.0 through 13.1.3.4, update to a version outside of this range to resolve the issue. For versions 14.1.0 through 14.1.2.6, update to a version outside of this range to resolve the issue. For versions 15.0.0 through 15.0.1.3, update to a version outside of this range to resolve the issue. For versions 15.1.0 through 15.1.0.4, update to a version outside of this range to resolve the issue.