Key Information

Vulnerability ID: CVE-2020-5931

Description:
- Virtual servers with a OneConnect profile may incorrectly handle WebSocket-related HTTP response headers, causing the Traffic Management Microkernel (TMM) to restart.

Impact:
- An attacker may be able to perform a denial-of-service (DoS) attack on a BIG-IP system by triggering the TMM process to restart.

Severity:
- CVSSv3 score: 7.5 (High)

Affected Products:
- BIG-IP (including LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions:
  - 15.x: 15.0.0 - 15.1.0 (Fixed version: 15.1.1)
  - 14.x: 14.0.0 - 14.1.2 (Fixed version: 14.1.2.5)
  - 13.x: 13.1.x (Fixed version: 13.1.3.6)
  - 12.x, 11.x versions are affected, but no fixed versions are provided

Mitigation:
- Upgrade to a non-vulnerable version
- Remove the OneConnect profile from affected virtual servers to mitigate the issue

Release Date: October 28, 2020
Update Date: February 22, 2023

Discovery:
- The issue was discovered internally by F5
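
Applying the OneConnect mitigation starts with knowing which virtual servers have such a profile attached. The following is an added example, not taken from the advisory or from F5: it lists those virtual servers from text in bigip.conf syntax. The sample configuration is constructed, and the parser assumes one statement per line, balanced braces, and the built-in profile name /Common/oneconnect.

```python
# Constructed sample in bigip.conf syntax; object names are made up.
SAMPLE_CONF = """\
ltm profile one-connect /Common/oc_custom {
    defaults-from /Common/oneconnect
}
ltm virtual /Common/vs_web {
    profiles {
        /Common/clientssl {
            context clientside
        }
        /Common/oc_custom { }
    }
}
ltm virtual /Common/vs_api {
    profiles {
        /Common/http { }
        /Common/oneconnect { }
    }
}
ltm virtual /Common/vs_dns {
    profiles {
        /Common/udp { }
    }
}
"""

def oneconnect_virtuals(conf):
    """Map each virtual server to the OneConnect profiles attached to it."""
    oc = {"/Common/oneconnect"}   # assumed built-in default; custom ones are added below
    attached, stack = {}, []      # stack holds the headers of the currently open blocks
    for line in conf.splitlines():
        s = line.strip()
        in_profiles = (len(stack) == 2 and stack[0].startswith("ltm virtual ")
                       and stack[1] == "profiles")
        if in_profiles and s and s != "}":
            # First token of each entry in the profiles block is the profile name.
            attached.setdefault(stack[0].split()[-1], []).append(s.split()[0])
        if s.endswith("{"):
            stack.append(s[:-1].strip())
            if len(stack) == 1 and stack[0].startswith("ltm profile one-connect "):
                oc.add(stack[0].split()[-1])
        elif s == "}" and stack:
            stack.pop()
    # Filter at the end so profiles declared after a virtual server still match.
    return {vs: [p for p in ps if p in oc]
            for vs, ps in attached.items() if oc.intersection(ps)}

if __name__ == "__main__":
    for vs, profiles in oneconnect_virtuals(SAMPLE_CONF).items():
        print(vs, "->", ", ".join(profiles))
```

Virtual servers reported here are the candidates for the profile-removal mitigation on versions without a fix; custom OneConnect profiles are only recognised when their declaration is in the text passed in.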