CVE-2017-6163

Name of the Vulnerable Software and Affected Versions F5 BIG-IP software versions 11.4.0 through 11.5.4 F5 BIG-IP software versions 11.6.0 through 11.6.1 F5 BIG-IP software versions 12.0.0 through 12.1.2

Description The issue occurs when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams beyond the advertised limit, causing a disruption of service. The Traffic Management Microkernel (TMM) data plane is exposed to this issue.

Recommendations For versions 11.4.0 through 11.5.4, consider restricting the number of concurrent streams to the advertised limit to prevent disruption of service. For versions 11.6.0 through 11.6.1, consider restricting the number of concurrent streams to the advertised limit to prevent disruption of service. For versions 12.0.0 through 12.1.2, consider restricting the number of concurrent streams to the advertised limit to prevent disruption of service.