CVE-2021-23030

Name of the Vulnerable Software and Affected Versions BIG-IP Advanced WAF and BIG-IP ASM versions 12.1.x BIG-IP Advanced WAF and BIG-IP ASM versions 13.1.x before 13.1.4.1 BIG-IP Advanced WAF and BIG-IP ASM versions 14.1.x before 14.1.4.3 BIG-IP Advanced WAF and BIG-IP ASM versions 15.1.x before 15.1.3.1 BIG-IP Advanced WAF and BIG-IP ASM versions 16.0.x before 16.0.1.2

Description When a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. This issue affects BIG-IP Advanced WAF and BIG-IP ASM.

Recommendations For versions 12.1.x, there is no information about a newer version that contains a fix for this vulnerability. For versions 13.1.x before 13.1.4.1, update to version 13.1.4.1 or later. For versions 14.1.x before 14.1.4.3, update to version 14.1.4.3 or later. For versions 15.1.x before 15.1.3.1, update to version 15.1.3.1 or later. For versions 16.0.x before 16.0.1.2, update to version 16.0.1.2 or later.