K06323049 : BIG-IP IPsec ALG vulnerability CVE-2022-29473

Security Advisory Description

When an IPSec ALG profile is configured on a virtual server, undisclosed responses can cause the Traffic Management Microkernel (TMM) to terminate. (CVE-2022-29473)

Impact

Traffic is disrupted while the TMM process restarts. This vulnerability allows an unauthenticated remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.