K31025212 : BIG-IP MPTCP vulnerability CVE-2021-23004

Security Advisory Description

Multipath TCP (MPTCP) forwarding flows may be created on standard virtual servers without MPTCP enabled in the applied TCP profile. (CVE-2021-23004)

Impact

A remote attacker may be able to cause a BIG-IP system to consume excessive system resources and produce a core file, disrupting the flow of traffic and causing a failover to a standby system, if you configured one.