PT-2021-4694 · F5 · Big-Ip
Published: 2021-08-24 · Updated: 2021-09-27 · CVE-2021-23034
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
BIG-IP versions 15.1.x through 15.1.3.0
BIG-IP versions 16.x through 16.0.x
Description
The issue is related to the Traffic Management Microkernel (TMM) component of BIG-IP's access control and remote authentication system, which has inadequate boundary controls. This can be exploited by a remote attacker to cause a denial of service. When a DNS profile using a DNS cache resolver is configured on a virtual server, undisclosed requests can cause the TMM process to terminate.
Recommendations
For BIG-IP versions 15.1.x through 15.1.3.0, update to version 15.1.3.1 or later to resolve the issue.
For BIG-IP versions 16.x through 16.0.x, update to version 16.1.0 or later to resolve the issue.
As a temporary workaround, consider disabling the DNS cache resolver on virtual servers until a patch is available.
Fix
RCE
Exposure of Resource to Wrong Sphere
Related Identifiers
Affected Products
Big-Ip