PT-2015-6647 · F5 · F5 Big-Ip Gtm+8
Publicado
2015-09-18
·
Atualizado
2015-09-22
·
CVE-2015-4638
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM versions 11.3.0 through 11.5.2 and 11.6.0 through 11.6.0 HF4
F5 BIG-IP Edge Gateway, WebAccelerator, and WOM versions 11.2.1 through 11.3.0
F5 BIG-IP PSM versions 11.2.1 through 11.4.1
Description
The issue allows remote attackers to cause a denial of service, resulting in a Traffic Management Microkernel restart, via a fragmented packet.
Recommendations
For F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM versions 11.3.0 through 11.5.2 and 11.6.0 through 11.6.0 HF4, update to a version outside of the affected range to resolve the issue.
For F5 BIG-IP Edge Gateway, WebAccelerator, and WOM versions 11.2.1 through 11.3.0, update to a version outside of the affected range to resolve the issue.
For F5 BIG-IP PSM versions 11.2.1 through 11.4.1, update to a version outside of the affected range to resolve the issue.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
F5 Big-Ip Apm
F5 Big-Ip Analytics
F5 Big-Ip Edge Gateway
F5 Big-Ip Gtm
F5 Big-Ip Ltm
F5 Big-Ip Link Controller
F5 Big-Ip Pem
F5 Big-Ip Wom
F5 Big-Ip Webaccelerator