More information about this CVE will likely be available in a few days.


On BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before and 15.1.x before 15.1.3 and NGINX App Protect on all versions before 3.5.0, when a cross-site request forgery (CSRF)-enabled policy is configured on a virtual server, an undisclosed HTML response may cause the bd process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Related CPE's

Could not find any relations

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics