CVE-2021-22976

Name of the Vulnerable Software and Affected Versions BIG-IP Advanced WAF and ASM versions 12.1.x BIG-IP Advanced WAF and ASM versions 13.1.x before 13.1.3.6 BIG-IP Advanced WAF and ASM versions 14.1.x before 14.1.3.1 BIG-IP Advanced WAF and ASM versions 15.1.x before 15.1.2 BIG-IP Advanced WAF and ASM versions 16.0.x before 16.0.1.1

Description The BIG-IP ASM system can experience excessive CPU usage in the BIG-IP ASM bd process when processing WebSocket requests with JSON payloads that contain an unusually large number of parameters.

Recommendations For versions 12.1.x, consider disabling WebSocket support until a patch is available. For versions 13.1.x before 13.1.3.6, update to version 13.1.3.6 or later. For versions 14.1.x before 14.1.3.1, update to version 14.1.3.1 or later. For versions 15.1.x before 15.1.2, update to version 15.1.2 or later. For versions 16.0.x before 16.0.1.1, update to version 16.0.1.1 or later.