When an Active mode-enabled FTP profile is configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing active FTP data channel connections. (CVE-2022-26130)
Impact
Traffic is disrupted for active FTP data channel connections. This vulnerability allows a remote unauthenticated attacker to cause a denial-of-service (DoS) on the BIG-IP system, specific to the impacted virtual server. There is no control plane exposure; this is a data plane issue only.