CVE-2022-23021

Name of the Vulnerable Software and Affected Versions BIG-IP versions 16.1.x through 16.1.1

Description The issue arises when specific configurations are set up on a virtual server, including an HTTP redirect rule in an LTM policy, a BIG-IP APM Access Profile, and an Explicit HTTP Proxy in an HTTP Profile. These configurations can cause the Traffic Management Microkernel (TMM) to terminate upon receiving undisclosed requests.

Recommendations For BIG-IP versions 16.1.x through 16.1.1, update to version 16.1.2 or later to resolve the issue. As a temporary workaround, consider disabling the HTTP redirect rule in the LTM policy, the BIG-IP APM Access Profile, and the Explicit HTTP Proxy in the HTTP Profile to prevent TMM termination until a patch is applied.