When an LTM TCP profile configured on a virtual server has the Auto Receive Window option enabled, undisclosed traffic can cause the virtual server to stop processing new client connections. (CVE-2022-36795)
Impact
Traffic is disrupted for new IP requests. This vulnerability allows a remote unauthenticated attacker to cause a denial-of-service (DoS) on the BIG-IP system, specific to the impacted virtual server. There is no control plane exposure; this is a data plane issue only.