On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
f5 big-ip local traffic manager |
||
f5 big-ip advanced firewall manager |
||
f5 big-ip application acceleration manager |
||
f5 big-ip analytics |
||
f5 big-ip access policy manager |
||
f5 big-ip protocol security module |
||
f5 big-ip domain name system |
||
f5 big-ip edge gateway |
||
f5 big-ip fraud protection service |
||
f5 big-ip global traffic manager |
||
f5 big-ip link controller |
||
f5 big-ip policy enforcement manager |
||
f5 big-ip webaccelerator |