Lucene search
F5F5:K11342432HistoryMay 08, 2024 - 12:00 a.m.
K11342432 : BIG-IP HTTP non-RFC-compliant security exposure
2024-05-0800:00:00
my.f5.com
17
big-ip
http
non-rfc-compliant
security exposure
enforce rfc compliance
asm
advanced waf
backend pool members
software
7.2 High
AI Score
Confidence
High
Security Advisory Description
This issue occurs when a non-RFC-compliant HTTP request is received by a virtual server on a system matching one of the following conditions:
- BIG-IP 15.1.0 and later version with a virtual server with an HTTP profile with Enforce RFC Compliance enabled.
- All supported versions of BIG-IP with a virtual server with an ASM/Advanced WAF security policy.
Impact
Non-RFC-compliant HTTP requests are forwarded to the backend pool members.
Symptoms
As a result of this issue, you may encounter the following symptom:
- The backend pool member may respond with a 400 Bad Request HTTP status.
| Vendor | Product | Version | CPE |
|---|---|---|---|
| f5 | big\-ip_next | 20.0.1 | cpe:2.3:a:f5:big\-ip_next:20.0.1:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 20.0.2 | cpe:2.3:a:f5:big\-ip_next:20.0.2:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 20.1.0 | cpe:2.3:a:f5:big\-ip_next:20.1.0:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 20.1.1 | cpe:2.3:a:f5:big\-ip_next:20.1.1:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 20.2.0 | cpe:2.3:a:f5:big\-ip_next:20.2.0:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 1.1.0 | cpe:2.3:a:f5:big\-ip_next:1.1.0:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 1.1.1 | cpe:2.3:a:f5:big\-ip_next:1.1.1:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 1.2.0 | cpe:2.3:a:f5:big\-ip_next:1.2.0:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 1.2.1 | cpe:2.3:a:f5:big\-ip_next:1.2.1:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 1.3.0 | cpe:2.3:a:f5:big\-ip_next:1.3.0:*:*:*:*:*:*:* |
7.2 High
AI Score
Confidence
High