Rewterz Threat Advisory – CVE-2021-1488 – Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software command execution
April 29, 2021Rewterz Threat Alert – Malicious Covid-19 URLs
April 29, 2021Rewterz Threat Advisory – CVE-2021-1488 – Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software command execution
April 29, 2021Rewterz Threat Alert – Malicious Covid-19 URLs
April 29, 2021Severity
High
Analysis Summary
CVE-2021-23011
The F5 BIG-IP exploit allows a remote attacker to cause denial of service conditions in the infected system. The vulnerability is caused by a flaw when buffering packet fragments for reassembly. The attacker can exploit this vulnerability by sending specially crafted packets to cause the Traffic Management Microkernel (TMM) to restart. This results in a denial-of-service condition.
CVE-2021-23010
F5 BIG-IP (ASM) allows a remote attacker to cause denial of service conditions in the infected system. The vulnerability is caused by a flaw when processing WebSocket requests with JSON payloads. The attacker can exploit this vulnerability by sending a specially crafted request using the default JSON content profile in the ASM security policy. This vulnerability causes the bd process to crash and results in a denial-of-service condition.
CVE-2021-23009
The F5 BIG-IP exploit allows a remote attacker to cause denial of service conditions in the infected system. The vulnerability is caused by an infinite loop flaw. The attacker can exploit this vulnerability by sending specially-crafted HTTP/2 requests to cause the Traffic Management Microkernel (TMM) to restart. This results in a denial-of-service condition.
Impact
Denial of Service
Affected Vendors
F5
Affected Products
- F5 BIG-IP 16.0.1 and prior versions
- F5 BIG-IP (ASM) 16.0.1 and prior versions
Remediation
For the list of affected products, patches, and mitigation techniques visit the website https://support.f5.com/csp/article/K18570111