Attackers in a privileged network position may be able to obtain TCP sequence numbers (SEQ) from the BIG-IP system for a short period of time (up to 4 seconds) that will be reused in future connections with the same source and destination port and IP numbers.
Impact
Attackers in a privileged network position can spoof SEQ to be used by a future connection.
Note: This vulnerability is specific to BIG-IP virtual servers. However, some network scanners may incorrectly identify this issue as CVE-2002-1463. Additionally, this vulnerability only affects BIG-IP platforms equipped with the HSBe2 chip. For more information, refer to K14779: Overview of BIG-IP SYN cookie protection (11.3.x - 12.x).