On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, a high volume of malformed analytics report requests leads to instability in restjavad process. This causes issues with both iControl REST and some portions of TMUI. The attack requires an authenticated user with any role.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Big-ip_local_traffic_manager | F5 | 12.1.0 (including) | 12.1.4.1 (excluding) |
Big-ip_local_traffic_manager | F5 | 13.0.0 (including) | 13.1.1.5 (excluding) |
Big-ip_local_traffic_manager | F5 | 14.0.0 (including) | 14.0.0.5 (excluding) |
Big-ip_local_traffic_manager | F5 | 14.1.0 (including) | 14.1.0.6 (excluding) |