PT-2021-15332 · F5 · F5 Big-Iq

Published

2021-03-31

Updated

2021-04-06

CVE-2021-23005

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions F5 BIG-IQ versions 6.x through 7.x

Description The issue arises when using a Quorum device for BIG-IQ high availability (HA) with automatic failover, where BIG-IQ fails to utilize Transport Layer Security (TLS) with the Corosync protocol.

Recommendations For versions 6.x through 7.x, update to version 8.0.0 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-23005

Affected Products

F5 Big-Iq

PT-2021-15332 · F5 · F5 Big-Iq

CVE-2021-23005

Related Identifiers

Affected Products

References · 3