This issue affects only those versions of BIG-IP where FastL4 is enabled. FastL4 is not enabled by default in newer versions of BIG-IP. For information about how to manually enable FastL4, see the following article in the knowledge base: https://support.f5.com/kb/enabling-fastl4-with-f5-big-ip-nf-servers This issue has been fixed in the following versions of v16.x: v16.1.0 v16.0.0 v15.1.4 v15.1.3 v15.1.1 v15.1.0 v15.0.5 v15.0.4 v15.0.3 v14.1.4 v14.1.3 v14.1.2 v14.1.1 v14.1.0 v14.0.0 v13.1.4 v13.1.3 v13.1.2 v13.1.1 v13.1.0 v12.1.4 v12.1.3 v12.1.2 v12.1.1 v12.1.0 v11.6.0 v11.5.0 v11.4.0 v11.3.0 v11.2.0 v11.1.0 v11.0.0 v10.1.0 v10
What is F5 BIG-IP® v16.x?
F5 BIG-IP® v16.x is the latest version of the enterprise-ready, application delivery controller (ADC) platform designed to deliver high performance, reliability, and availability in any environment. The solution was designed with security in mind and offers advanced visibility into the data plane and deep packet inspection (DPI). F5 BIG-IP provides a broad range of features that include:
* Advanced DPI capabilities including Application Layer Inspection (ALI), Application Visibility and Control (AVC), Content Security Policy (CSP), SSL/TLS inspection, URL filtering, HTTP Inspection, Email Inspection, and DNS Inspection
* Secure Web Portal that allows for centralized management of all access control policies
* Inline caching for large deployments
* VLAN support which extends virtual private networking (VPN) isolation to internal networks
* Unified Access Policy Manager that enables customers to deploy multi-site deployment without code changes
* Zero-touch provisioning which consolidates user provisioning across multiple platforms including physical appliances or virtual machines
How to determine if you are affected by this vulnerability
If you are using an affected version of BIG-IP, you should have received an update from F5 that fixes this vulnerability. If you have not received such an update, the following article in the knowledge base may help: https://support.f5.com/kb/enabling-fastl4-with-f5-big-ip-nf-servers Older versions of v16.x must be manually updated to v16.1.0.
This issue has been fixed in the following versions of v10.1.0 and later: