CVE-2021-22985

Summary

On BIG-IP APM version 16.0.x before 16.0.1.1, under certain conditions, when processing VPN traffic with APM, TMM consumes excessive memory. A malicious, authenticated VPN user may abuse this to perform a DoS attack against the APM. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.

Affected Software

VendorProductVersion RangeStatus
n/aBIG-IP APM16.0.x before 16.0.1.1affected

Weaknesses

  • DoS

ADP Enrichment

CVE Program Container

Additional References

References