QID 375894

Date Published: 2021-09-29

QID 375894: F5 BIG-IP Application Security Manager (ASM) Denial of Service (DoS) Vulnerability (K00602225)

F5 BIG-IP ASM (Application Security Manager) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments.

When JSON content profiles are configured for URLs as part of an F5 Advanced Web Application Firewall (WAF)/BIG-IP ASM security policy and applied to a virtual server, undisclosed requests may cause the BIG-IP ASM bd process to terminate. (CVE-2021-23028)

Vulnerable Component: BIG-IP ASM

Affected Versions:
16.0.1.1
15.1.1 - 15.1.3.0
14.1.3.1 - 14.1.4.1
13.1.3.5 - 13.1.3.6
12.1.0 - 12.1.6

QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.

Traffic is disrupted while the BIG-IP ASM bd process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.

CVSS V3 rated as High - 7.5 severity.

CVSS V2 rated as Medium - 4.3 severity.

Solution

The vendor has released patch, for more information please visit: K00602225

Vendor References

K00602225 - support.f5.com/csp/article/K00602225

CVEs related to QID 375894

CVE-2021-23028 |

Software Advisories

Advisory ID	Software	Component	Link
K00602225			support.f5.com/csp/article/K00602225

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

Array ( [qid] => 375894 [title] => F5 BIG-IP Application Security Manager (ASM) Denial of Service (DoS) Vulnerability (K00602225) [severity] => 2 [description] => F5 BIG-IP ASM (Application Security Manager) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments.

Vulnerable Component: BIG-IP ASM

Affected Versions:
16.0.1.1
15.1.1 - 15.1.3.0
14.1.3.1 - 14.1.4.1
13.1.3.5 - 13.1.3.6
12.1.0 - 12.1.6

QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.

[solution] => The vendor has released patch, for more information please visit: K00602225 [consequence] => Traffic is disrupted while the BIG-IP ASM bd process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.

[published] => Yes [date_insert] => 2021-09-28 [date_published] => 2021-09-29 [cve] => Array ( [0] => CVE-2021-23028 ) [vendor_refs] => Array ( [0] => Array ( [vendor_ref] => K00602225 [vendor_ref_url] => https://support.f5.com/csp/article/K00602225 ) ) [cvss_v2] => Array ( [basescore] => 4.3 [temporalscore] => 3.2 ) [cvss_v3] => Array ( [basescore] => 7.5 [temporalscore] => 6.5 ) [patches] => Array ( [0] => Array ( [link] => https://support.f5.com/csp/article/K00602225 [advisory_id] => K00602225 [os_sw] => [component] => ) ) )