On versions 15.0.0-15.0.1.1, the BIG-IP ASM Cloud Security Services profile uses a built-in verification mechanism that fails to properly authenticate the X.509 certificate of remote endpoints.
[
{
"product": "BIG-IP ASM",
"vendor": "F5",
"versions": [
{
"status": "affected",
"version": "15.0.0-15.0.1.1"
}
]
}
]