Date Published: 2021-09-29
QID 375894: F5 BIG-IP Application Security Manager (ASM) Denial of Service (DoS) Vulnerability (K00602225)
F5 BIG-IP ASM (Application Security Manager) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments.
When JSON content profiles are configured for URLs as part of an F5 Advanced Web Application Firewall (WAF)/BIG-IP ASM security policy and applied to a virtual server, undisclosed requests may cause the BIG-IP ASM bd process to terminate. (CVE-2021-23028)
Vulnerable Component: BIG-IP ASM
15.1.1 - 126.96.36.199
188.8.131.52 - 184.108.40.206
220.127.116.11 - 18.104.22.168
12.1.0 - 12.1.6
QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.
Traffic is disrupted while the BIG-IP ASM bd process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.
- K00602225 - support.f5.com/csp/article/K00602225
CVEs related to QID 375894