CVE-2016-9245

Name of the Vulnerable Software and Affected Versions F5 BIG-IP systems versions 12.1.0 through 12.1.2

Description The issue allows malicious requests made to virtual servers with an HTTP profile to cause the TMM to restart. This is exposed with BIG-IP APM profiles, regardless of settings, and with the non-default "Normalize URI" configuration options used in iRules and/or BIG-IP LTM policies. An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group.

Recommendations For F5 BIG-IP systems versions 12.1.0 through 12.1.2, consider disabling the HTTP profile for virtual servers or avoiding the use of non-default "Normalize URI" configuration options in iRules and/or BIG-IP LTM policies until a fix is available. Restrict access to virtual servers with BIG-IP APM profiles to minimize the risk of exploitation.