When an SSL key is imported on a BIG-IP or BIG-IQ system, undisclosed input can cause the mcpd process to terminate. (CVE-2022-41694)
Impact
Traffic is disrupted while the mcpd process restarts. This vulnerability allows a remote, authenticated attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no data plane exposure; this is a control plane issue only.