Undisclosed requests can cause iControl REST processes to crash. The attack can only come from an authenticated user; all roles are capable of performing the attack. Unauthenticated users cannot perform this attack. (CVE-2019-6641)
Impact
BIG-IP
When this vulnerability is exploited, the restjavad process restarts. As a result, iControl REST is momentarily unavailable.
BIG-IQ / Enterprise Manager / F5 iWorkflow / Traffix SDC
There is no impact; F5 products are not affected by this vulnerability.