Lucene search
China National Vulnerability DatabaseCNVD-2021-65652HistoryAug 26, 2021 - 12:00 a.m.
F5 BIG-IP Advanced WAF and ASM are unspecified vulnerabilities
2021-08-2600:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.001 Low
EPSS
Percentile
42.5%
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A security vulnerability exists in F5 BIG-IP Advanced WAF and ASM due to a JSON content profile referenced in an AWAF/ASM security policy that contains policies for URLs and is associated with a virtual server. An undisclosed request could cause the BD process of BIG-IP AWAF/ASM to terminate when the policy containing URLs for content profiles is associated with a virtual server. An attacker could exploit this vulnerability to launch a denial of service against BIG-IP.
Related
f5
f5
K00602225 : Advanced WAF and BIG-IP ASM vulnerability CVE-2021-23028
2021-08-24 00:00:00
K50974556 : Overview of F5 vulnerabilities (August 2021)
2021-08-24 00:00:00
cve
cve
CVE-2021-23028
2021-09-14 21:15:07
cvelist
cvelist
CVE-2021-23028
2021-09-14 20:53:54
nvd
nvd
CVE-2021-23028
2021-09-14 21:15:07
prion
prion
Code injection
2021-09-14 21:15:00
thn
thn
F5 Releases Critical Security Patch for BIG-IP and BIG-IQ Devices
2021-08-26 11:51:00
threatpost
threatpost
F5 Bug Could Lead to Complete System Takeover
2021-08-26 16:40:38