CVE-2023-22839

Name: CVE-2023-22839
Creator: NVD / NIST
Published: 2023-02-01T18:15:11.75+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.5/10EPSS 0.63%

Last modified Jun 17, 2026

CVE-2023-22839 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. . EPSS estimates a 0.63% chance of exploitation in the next 30 days.

Description

On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Metrics

CVSS 3.1

7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Probability

0.63%

45.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
F5	Big-Ip Domain Name System	>= 13.1.0, <= 13.1.5
F5	Big-Ip Domain Name System	>= 14.1.0, < 14.1.5.3
F5	Big-Ip Domain Name System	>= 15.1.0, < 15.1.7
F5	Big-Ip Domain Name System	>= 16.1.0, < 16.1.3.3
F5	Big-Ip Domain Name System	>= 17.0.0, < 17.0.0.2
F5	Big-Ip Local Traffic Manager	>= 13.1.0, <= 13.1.5
F5	Big-Ip Local Traffic Manager	>= 14.1.0, < 14.1.5.3
F5	Big-Ip Local Traffic Manager	>= 15.1.0, < 15.1.7
F5	Big-Ip Local Traffic Manager	>= 16.1.0, < 16.1.3.3
F5	Big-Ip Local Traffic Manager	>= 17.0.0, < 17.0.0.2
F5	Big-Ip 10000s Firmware	All versions
F5	Big-Ip 10200v Firmware	All versions
F5	Big-Ip 10200v-Ssl Firmware	All versions
F5	Big-Ip 12000 Firmware	All versions
F5	Big-Ip 5000s Firmware	All versions
F5	Big-Ip 5200v Firmware	All versions
F5	Big-Ip 5200v-Ssl Firmware	All versions
F5	Big-Ip 7000s Firmware	All versions
F5	Big-Ip 7200v Firmware	All versions
F5	Big-Ip 7200v-Ssl Firmware	All versions
F5	Big-Ip I10600 Firmware	All versions
F5	Big-Ip I10800 Firmware	All versions
F5	Big-Ip I11600 Firmware	All versions
F5	Big-Ip I11800 Firmware	All versions
F5	Big-Ip I15600 Firmware	All versions
F5	Big-Ip I15800 Firmware	All versions
F5	Big-Ip I5600 Firmware	All versions
F5	Big-Ip I5800 Firmware	All versions
F5	Big-Ip I7600 Firmware	All versions
F5	Big-Ip I7800 Firmware	All versions
F5	R10600 Firmware	All versions
F5	R10800 Firmware	All versions
F5	R10900 Firmware	All versions
F5	R5600 Firmware	All versions
F5	R5800 Firmware	All versions
F5	R5900 Firmware	All versions
F5	Velos Bx110 Firmware	All versions
F5	Viprion B2100 Firmware	All versions
F5	Viprion B2150 Firmware	All versions
F5	Viprion B2250 Firmware	All versions
F5	Viprion B4300 Firmware	All versions
F5	Viprion B4450 Firmware	All versions

References

https://my.f5.com/manage/s/article/K37708118Vendor Advisory
https://my.f5.com/manage/s/article/K37708118Vendor Advisory

Timeline

Published: Feb 1, 2023
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2023-22839?

How severe is CVE-2023-22839?

CVE-2023-22839 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 0.63% probability of exploitation in the next 30 days.

How do I fix CVE-2023-22839?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-22839?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST