K21800102: HTTP RFC enforcement is bypassed when a redirect iRule is applied to the virtual server

Security Advisory Description A specifically crafted HTTP request may bypass BIG-IP HTTP RFC enforcement and may lead the BIG-IP system to pass malformed HTTP requests to a target pool member web server. This issue occurs when all of the following conditions are met: A virtual server with an iRul...

K50375550: A specifically crafted HTTP request may lead the BIG-IP system to pass malformed HTTP requests to a target pool member web server (HTTP Desync Attack)

Security Advisory Description A specifically crafted HTTP request that contains Content-Length and Transfer-Encoding headers may lead the BIG-IP system to pass malformed HTTP requests to a target pool member web server. This issue occurs when the following condition is met: A virtual server...

K01587042: BIG-IP SPDY and HTTP/2 profile vulnerability CVE-2016-7475

Security Advisory Description Under some circumstances, the Traffic Management Microkernel TMM may not properly clean-up pool member network connections when using SPDY or HTTP/2 virtual server profiles. CVE-2016-7475 Impact In many cases, the pool members will tear down these network connections...

CVE-2016-7475

Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or 11.4.0-11.5.4 HF1, the Traffic Management Microkernel TMM may not properly clean-up pool member network connections when using SPDY or HTTP/2 virtual server profiles...