BIG-IP Advanced WAF and ASM WebSocket vulnerability CVE-2021-23030

2021-08-24T13:02:00
ID F5:K42051445
Type f5
Reporter f5
Modified 2021-09-08T17:26:00

Description

When a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. (CVE-2021-23030)

Impact

Traffic is disrupted while the bd process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.