QID 375887

Date Published: 2021-09-29

QID 375887: F5 BIG-IP Application Security Manager (ASM) WebSocket Vulnerability (K05314769)

F5 BIG-IP ASM (Application Security Manager) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments.

When a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. (CVE-2021-23033)

Vulnerable Component: BIG-IP ASM

Affected Versions:
16.0.0 - 16.0.1
15.1.0 - 15.1.3.0
14.1.0 - 14.1.4.3
13.1.0 - 13.1.4.0
12.1.0 - 12.1.6

QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.

Traffic is disrupted while the bd process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.

  • CVSS V3 rated as High - 7.5 severity.
  • CVSS V2 rated as Medium - 4.3 severity.
  • Solution
    The vendor has released patch, for more information please visit: K05314769
    Vendor References

    CVEs related to QID 375887

    Software Advisories
    Advisory ID Software Component Link
    K05314769 URL Logo support.f5.com/csp/article/K05314769