Memory Leak and Connection Reset Vulnerability in BIG-IP AFM HTTP Security Profile (Version 13.1.3.4)

Memory Leak and Connection Reset Vulnerability in BIG-IP AFM HTTP Security Profile (Version 13.1.3.4)

CVE-2020-27713 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

In certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the connection is reset and the Traffic Management Microkernel (TMM) leaks memory.

Learn more about our Cis Benchmark Audit For Server Software.