QID 375886

Date Published: 2021-09-29

QID 375886: F5 BIG-IP Application Security Manager (ASM) MySQL Database Vulnerability (K36942191)

F5 BIG-IP ASM (Application Security Manager) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments.

When the brute force protection feature of ASM is enabled on a virtual server and the virtual server is under brute force attack, the MySQL database may run out of disk space because there is no row limit on undisclosed tables in the MySQL database. (CVE-2021-23053)

Vulnerable Component: BIG-IP ASM

Affected Versions:
15.1.0 - 15.1.2
14.1.0 - 14.1.3.0
13.1.0 - 13.1.3.5

QID Detection Logic (Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.
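As an added illustration of the version check the detection logic describes (example code written for this page, not Qualys's detector or F5's code), the following Python extracts the Version line from `tmsh show sys version` output and tests it against the affected ranges listed above. The sample output is constructed and its exact layout is an assumption; the range bounds are treated as inclusive, and a point release above a listed upper bound (for example 15.1.2.1) is outside the listed ranges, so the F5 article K36942191 remains the authority on which builds are fixed.

```python
import re

# Affected ranges as listed in this QID (inclusive lower and upper bounds).
AFFECTED_RANGES = [
    ("15.1.0", "15.1.2"),
    ("14.1.0", "14.1.3.0"),
    ("13.1.0", "13.1.3.5"),
]


def parse_version(s):
    """Turn '15.1.2' into a comparable tuple, zero-padded to four fields,
    so that 14.1.3 and 14.1.3.0 compare equal."""
    parts = [int(p) for p in s.strip().split(".")]
    if not 1 <= len(parts) <= 4:
        raise ValueError(f"unexpected version string: {s!r}")
    return tuple(parts + [0] * (4 - len(parts)))


def version_from_tmsh(output):
    """Pull the 'Version' field out of `tmsh show sys version` output.
    The indented 'Version   15.1.2' layout is an assumption about the
    command's output format."""
    m = re.search(r"^\s*Version\s+(\d+(?:\.\d+){1,3})\s*$", output, re.MULTILINE)
    if not m:
        raise ValueError("no Version line found in tmsh output")
    return m.group(1)


def is_affected(version):
    """True when the version falls inside any listed affected range."""
    v = parse_version(version)
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in AFFECTED_RANGES)


def check_tmsh_output(output):
    """Return (version, affected) for a captured tmsh output block."""
    version = version_from_tmsh(output)
    return version, is_affected(version)


# Constructed sample of `tmsh show sys version` output for a 15.1.2 device.
SAMPLE_OUTPUT = """\
Sys::Version
Main Package
  Product     BIG-IP
  Version     15.1.2
  Build       0.0.9
  Edition     Final
"""

if __name__ == "__main__":
    version, affected = check_tmsh_output(SAMPLE_OUTPUT)
    status = "AFFECTED by CVE-2021-23053" if affected else "not in a listed affected range"
    print(f"BIG-IP {version}: {status}")
```

On a real device the output would come from running `tmsh show sys version` over an authenticated session and passing the captured text to `check_tmsh_output`; the check only tells you the base version is in a listed range, not whether ASM brute force protection is actually enabled on any virtual server.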

When attackers exploit this vulnerability, the MySQL database consumes more storage space than expected. As a result, the related configuration and reporting services in the Configuration utility, the TMOS Shell (tmsh), and iControl REST may fail to function as expected. Though the attack originates in the data plane, the attack impacts only the control plane.

  • CVSS V3 rated as Medium - 5.3 severity.
  • CVSS V2 rated as Medium - 4.3 severity.

Solution:
The vendor has released a patch; for more information, see F5 article K36942191.

Vendor References:

CVEs related to QID 375886: CVE-2021-23053

Software Advisories:
Advisory ID: K36942191
Link: support.f5.com/csp/article/K36942191