PT-2017-16908 · F5 · F5 Big-Ip
Publicado
2017-12-21
·
Atualizado
2018-01-05
·
CVE-2017-6136
CVSS v3.1
5.9
Média
| Vetor | AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
F5 BIG-IP software versions 12.0.0 through 12.1.2
F5 BIG-IP software version 13.0.0
Description
The issue affects F5 BIG-IP when undisclosed traffic patterns are sent to BIG-IP virtual servers with specific TCP profile settings enabled, potentially causing a disruption of service to the Traffic Management Microkernel (TMM). This occurs when the TCP Fast Open and Tail Loss Probe options are enabled in the associated TCP profile.
Recommendations
For F5 BIG-IP software versions 12.0.0 through 12.1.2, consider disabling the TCP Fast Open and Tail Loss Probe options in the associated TCP profile as a temporary workaround until a patch is available.
For F5 BIG-IP software version 13.0.0, consider disabling the TCP Fast Open and Tail Loss Probe options in the associated TCP profile as a temporary workaround until a patch is available.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
F5 Big-Ip