Rewterz Threat Advisory – Multiple F5 BIG IP Vulnerabilities

Severity

High

Analysis Summary

CVE-2021-23011

The F5 BIG-IP exploit allows a remote attacker to cause denial of service conditions in the infected system. The vulnerability is caused by a flaw when buffering packet fragments for reassembly. The attacker can exploit this vulnerability by sending specially crafted packets to cause the Traffic Management Microkernel (TMM) to restart. This results in a denial-of-service condition.

CVE-2021-23010

F5 BIG-IP (ASM) allows a remote attacker to cause denial of service conditions in the infected system. The vulnerability is caused by a flaw when processing WebSocket requests with JSON payloads. The attacker can exploit this vulnerability by sending a specially crafted request using the default JSON content profile in the ASM security policy. This vulnerability causes the bd process to crash and results in a denial-of-service condition.

CVE-2021-23009

The F5 BIG-IP exploit allows a remote attacker to cause denial of service conditions in the infected system. The vulnerability is caused by an infinite loop flaw. The attacker can exploit this vulnerability by sending specially-crafted HTTP/2 requests to cause the Traffic Management Microkernel (TMM) to restart. This results in a denial-of-service condition.

Impact

Denial of Service

Affected Vendors

F5

Affected Products

• F5 BIG-IP 16.0.1 and prior versions
• F5 BIG-IP (ASM) 16.0.1 and prior versions

Remediation

For the list of affected products, patches, and mitigation techniques visit the website https://support.f5.com/csp/article/K18570111