In all BIG-IP 13.1.x versions, when an iRule containing the HTTP::collect command is configured on a virtual server, undisclosed requests can cause Traffic Management Microkernel (TMM) to terminate.
2022-10-19T22:15:13.400
2024-11-21T07:23:54.067
Modified
CVSSv3.1: 7.5 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | f5 | big-ip_access_policy_manager | ≤ 13.1.5 | Yes |
| Application | f5 | big-ip_advanced_firewall_manager | ≤ 13.1.5 | Yes |
| Application | f5 | big-ip_analytics | ≤ 13.1.5 | Yes |
| Application | f5 | big-ip_application_acceleration_manager | ≤ 13.1.5 | Yes |
| Application | f5 | big-ip_application_security_manager | ≤ 13.1.5 | Yes |
| Application | f5 | big-ip_domain_name_system | ≤ 13.1.5 | Yes |
| Application | f5 | big-ip_fraud_protection_service | ≤ 13.1.5 | Yes |
| Application | f5 | big-ip_global_traffic_manager | ≤ 13.1.5 | Yes |
| Application | f5 | big-ip_link_controller | ≤ 13.1.5 | Yes |
| Application | f5 | big-ip_local_traffic_manager | ≤ 13.1.5 | Yes |
| Application | f5 | big-ip_policy_enforcement_manager | ≤ 13.1.5 | Yes |