BIG-IP Advanced WAF and ASM WebSocket vulnerability CVE-2021-23030

ID F5:K42051445
Type f5
Reporter f5
Modified 2021-09-08T17:26:00


When a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. (CVE-2021-23030)


Traffic is disrupted while the bd process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.