QID 375894

Date Published: 2021-09-29

QID 375894: F5 BIG-IP Application Security Manager (ASM) Denial of Service (DoS) Vulnerability (K00602225)

F5 BIG-IP ASM (Application Security Manager) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments.

When JSON content profiles are configured for URLs as part of an F5 Advanced Web Application Firewall (WAF)/BIG-IP ASM security policy and applied to a virtual server, undisclosed requests may cause the BIG-IP ASM bd process to terminate. (CVE-2021-23028)

Vulnerable Component: BIG-IP ASM

Affected Versions:
15.1.1 - - -
12.1.0 - 12.1.6

QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.

Traffic is disrupted while the BIG-IP ASM bd process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.

  • CVSS V3 rated as High - 7.5 severity.
  • CVSS V2 rated as Medium - 4.3 severity.
  • Solution
    The vendor has released patch, for more information please visit: K00602225
    Vendor References

    CVEs related to QID 375894

    Software Advisories
    Advisory ID Software Component Link
    K00602225 URL Logo support.f5.com/csp/article/K00602225