CVE-2021-22996

Name of the Vulnerable Software and Affected Versions BIG-IQ versions 7.x through 7.x (prior to 8.0.0)

Description A BIG-IQ Data Collection Device (DCD) cluster member that receives an undisclosed message may cause the corosync process to abort when set up for auto failover. This behavior may lead to a denial-of-service (DoS) and impact the stability of a BIG-IQ high availability (HA) cluster.

Recommendations For versions 7.x, update to version 8.0.0 to resolve the issue. As a temporary workaround, consider restricting the auto failover setup to minimize the risk of exploitation.