CVE-2021-22985

Name of the Vulnerable Software and Affected Versions BIG-IP APM versions 16.0.x through 16.0.1.1

Description The issue arises when processing VPN traffic with APM under certain conditions, causing TMM to consume excessive memory. A malicious, authenticated VPN user may exploit this to perform a Denial of Service (DoS) attack against the APM.

Recommendations For BIG-IP APM versions 16.0.x through 16.0.1.1, update to version 16.0.1.1 or later to resolve the issue. As a temporary workaround, consider restricting VPN access to trusted users and monitoring TMM memory usage to minimize the risk of exploitation.