PT-2021-15327 · F5 · Big-Ip

Published: 2021-03-31 · Updated: 2021-04-05 · CVE-2021-23000

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

BIG-IP versions 13.1.3.4 through 13.1.3.6
BIG-IP version 12.1.5.2

Description

A specific sequence of malicious requests may cause TMM to restart in rare instances if the tmm.http.rfc.enforcement BigDB key is enabled or the "Bad host header value" check is enabled in the AFM HTTP security profile associated with a virtual server.

Recommendations

For BIG-IP versions 13.1.3.4 through 13.1.3.6, consider disabling the tmm.http.rfc.enforcement BigDB key as a temporary workaround until a patch is available. For BIG-IP version 12.1.5.2, restrict access to the AFM HTTP security profile associated with a virtual server to minimize the risk of exploitation. Avoid using the "Bad host header value" check in the AFM HTTP security profile until the issue is resolved.

Fix

Related Identifiers

CVE-2021-23000

Affected Products

Big-Ip