Vigil@nce - F5 BIG-IP ASM: read-write access via Bot Defense
December 2020 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/?langue=2
SYNTHESIS OF THE VULNERABILITY
Impacted products: BIG-IP Hardware, TMOS.
Severity: 2/4.
Consequences: data reading, data creation/edition, data flow.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 28/10/2020.
DESCRIPTION OF THE VULNERABILITY
An attacker can bypass access restrictions via Bot Defense of F5
BIG-IP ASM, in order to read or alter data.
ACCESS TO THE FULL VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/F5-BIG-IP-ASM-read-write-access-via-Bot-Defense-33707