CVE-2017-6138

Name of the Vulnerable Software and Affected Versions F5 BIG-IP software versions 12.1.0 through 12.1.2 F5 BIG-IP software version 13.0.0

Description The issue allows malicious requests made to virtual servers with an HTTP profile to cause the TMM to restart. This is exposed with BIG-IP APM profiles, regardless of settings, and with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies.

Recommendations For F5 BIG-IP software versions 12.1.0 through 12.1.2, consider disabling the HTTP profile on virtual servers until a patch is available. For F5 BIG-IP software version 13.0.0, consider disabling the HTTP profile on virtual servers until a patch is available. As a temporary workaround, consider restricting the use of BIG-IP APM profiles and the non-default "normalize URI" configuration options in iRules and/or BIG-IP LTM policies to minimize the risk of exploitation.