Last Modified: Oct 17, 2023
Affected Product(s):
BIG-IP AAM, AFM, APM, ASM, AVR, LTM, PEM, PSM, WAM
Known Affected Versions:
11.2.1, 11.3.0, 11.4.0, 11.4.1, 11.6.0
Fixed In:
11.6.1, 11.5.4 HF2, 11.2.1 HF16
Opened: Jan 28, 2016 Severity: 3-Major Related Article:
K70896130
When a fragmented response is parsed by HTTP, the version field may be incorrectly bounded. HTTP correctly determines the version of the response. However, other filters that re-scan the version field might see a truncated value. The filters then miss-parse the HTTP version.
The detected version of HTTP may be incorrect. Typically, the response is detected as a HTTP/0.9 response rather than the 1.0 or 1.1 response it actually uses.
A fragmented response where the HTTP version field appears in multiple packets. Another filter, for example VDI, re-scans the HTTP version field.
None.
HTTP correctly bounds the response version for other filters to parse.