CVE-2019-6627

Name of the Vulnerable Software and Affected Versions F5 SSL Orchestrator versions 14.1.0 through 14.1.0.5

Description The issue occurs under specific conditions involving a race condition, where the Traffic Management Microkernel (TMM) may restart when SSL Forward Proxy enforces a bypass action for an SSL Orchestrator transparent virtual server that has SNAT (Secure Network Address Translation) enabled.

Recommendations For F5 SSL Orchestrator versions 14.1.0 through 14.1.0.5, consider temporarily disabling SNAT for SSL Orchestrator transparent virtual servers to minimize the risk of TMM restarts until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.