Features in the BIG-IP system that utilize inflate functionality directly, via an iRule, or via the inflate code from PEM module are subjected to a service disruption via a “Zip Bomb” attack. (CVE-2017-6153)
Impact
BIG-IP systems deployed in Forward Proxy mode with the inflate functionality enabled are at greatest risk for this vulnerability. BIG-IP systems that are collecting and manually decompressing data by way of iRules (using HTTP::collect andDECOMPRESS/COMPRESS) have additional risk, as this situation may increase the likelihood of successful exploitation. The control plane is not impacted by this issue; this issue is observed on the data plane.