CVE-2017-0302

Name of the Vulnerable Software and Affected Versions F5 BIG-IP APM versions 12.0.0 through 12.1.2 F5 BIG-IP APM version 13.0.0

Description An issue exists where an authenticated user with an established access session to the BIG-IP APM system may cause a traffic disruption if the length of the requested URL is less than 16 characters.

Recommendations For F5 BIG-IP APM versions 12.0.0 through 12.1.2, update to a version that addresses this issue. For F5 BIG-IP APM version 13.0.0, update to a version that addresses this issue. As a temporary workaround, consider restricting access to URLs with lengths less than 16 characters to minimize the risk of exploitation.