F5.BIG-IP.ASM.HTTP.Response.Header.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Buffer Overflow Vulnerability in F5 BIG-IP Application Security Manager.
The vulnerability is due to an input validation error when the vulnerable software handles a maliciously crafted HTTP Response. A remote attacker may be able to exploit this to execute arbitrary code or lead to a denial of service condition within the context of the application, via a crafted HTTP response.

Outbreak Alert

The 2 most critical vulnerabilities allow a remote attacker with access to the user interface (or REST API via the user interface) to gain full control of the system and execute arbitrary system commands, create or delete files, and disable services. The most critical is unauthenticated. Exploitation can lead to complete system compromise. The U.S. Cybersecurity and Infrastructure Agency (CISA) has urged companies using BIG-IP and BIG-IQ to fix the critical F5 flaws.

View the full Outbreak Alert Report

Affected Products

BIG-IP (Advanced WAF and ASM) 16.0.0-16.0.1
BIG-IP (Advanced WAF and ASM) 15.1.0-15.1.2
BIG-IP (Advanced WAF and ASM) 14.1.0-14.1.3
BIG-IP (Advanced WAF and ASM) 13.1.0-13.1.3
BIG-IP (Advanced WAF and ASM) 12.1.0-12.1.5
BIG-IP (Advanced WAF and ASM) 11.6.1-11.6.5

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://support.f5.com/csp/article/K52510511