Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP FPS
Known Affected Versions:
12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1
Fixed In:
14.1.0, 13.1.1.2, 12.1.3.7
Opened: Jul 30, 2018 Severity: 3-Major
in case of large request/response, if FPS needs to store ingress and ingress chunks in buffer for additional processing (ingress :: for parameter parsing, egress :: for login validation's banned/mandatory strings check or scripts injection), if the server responds fast enough, the buffer may contain mixed parts of request/response. This may have several effects, from incorrectly performing login-validation to generating a tmm core file.
This results in one or more of the following: -- Login validation failure/skip. -- Bad response/script injection. -- tmm core. In this case, traffic is disrupted while tmm restarts.
-- Login validation is enabled and configured to check for banned/mandatory string. -- A username parameter is configured. -- There are no parameters configured for encrypt/HTML Field Obfuscation (HFO), and no decoy parameters. -- There is a large request and response. -- The system response very quickly.
None.
FPS now handles ingress/egress buffers separately, so this issue no longer occurs.