F5 BIG-IP Advanced WAF and ASM WebSocket Denial of Service Vulnerability (CNVD-2021-65633)

2021-08-2600:00:00

China National Vulnerability Database

www.cnvd.org.cn

0.001 Low

EPSS

Percentile

42.5%

JSON

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. When a Websocket profile is configured on the Virtual server of BIG-IP AWAF/ASM, undisclosed requests may cause the BD process to terminate.BIG-IP A restart of the BD process of AWAF/ASM can cause a traffic disruption. An attacker could use this vulnerability to cause a denial of service (DoS) on the BIG-IP system.

CPENameOperatorVersion
f5 big-ip (advanced waf and asm) 13.1.0-eq13.1.3
f5 big-ip (advanced waf and asm) 15.1.0-eq15.1.3
f5 big-ip (advanced waf and asm) 16.0.0-eq16.0.1
f5 big-ip (advanced waf and asm) 14.1.0-eq14.1.4
f5 big-ip (advanced waf and asm) 12.1.0-eq12.1.6

Name	Operator	Version
f5 big-ip (advanced waf and asm) 13.1.0-	eq	13.1.3
f5 big-ip (advanced waf and asm) 15.1.0-	eq	15.1.3
f5 big-ip (advanced waf and asm) 16.0.0-	eq	16.0.1
f5 big-ip (advanced waf and asm) 14.1.0-	eq	14.1.4
f5 big-ip (advanced waf and asm) 12.1.0-	eq	12.1.6

0.001 Low

EPSS

Percentile

42.5%

JSON

Related for CNVD-2021-65633