PT-2016-3871 · F5 · F5 Big-Ip Apm+5

Published

2016-04-11

·

Updated

2016-04-18

·

CVE-2015-8240

CVSS v2.0

5.0

Medium

VectorAV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions F5 BIG-IP LTM versions prior to 11.4.1 HF10 F5 BIG-IP LTM versions 11.5.x prior to 11.5.4 F5 BIG-IP LTM versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP AAM versions prior to 11.4.1 HF10 F5 BIG-IP AAM versions 11.5.x prior to 11.5.4 F5 BIG-IP AAM versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP AFM versions prior to 11.4.1 HF10 F5 BIG-IP AFM versions 11.5.x prior to 11.5.4 F5 BIG-IP AFM versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP Analytics versions prior to 11.4.1 HF10 F5 BIG-IP Analytics versions 11.5.x prior to 11.5.4 F5 BIG-IP Analytics versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP APM versions prior to 11.4.1 HF10 F5 BIG-IP APM versions 11.5.x prior to 11.5.4 F5 BIG-IP APM versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP ASM versions prior to 11.4.1 HF10 F5 BIG-IP ASM versions 11.5.x prior to 11.5.4 F5 BIG-IP ASM versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP GTM versions prior to 11.4.1 HF10 F5 BIG-IP GTM versions 11.5.x prior to 11.5.4 F5 BIG-IP GTM versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP Link Controller versions prior to 11.4.1 HF10 F5 BIG-IP Link Controller versions 11.5.x prior to 11.5.4 F5 BIG-IP Link Controller versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP PEM versions prior to 11.4.1 HF10 F5 BIG-IP PEM versions 11.5.x prior to 11.5.4 F5 BIG-IP PEM versions 11.6.x prior to 11.6.0 HF6 F5 BIG-IP PSM versions prior to 11.4.1 HF10
Description The Traffic Management Microkernel (TMM) in F5 BIG-IP does not properly handle TCP options, which allows remote attackers to cause a denial of service via unspecified vectors, related to the tm.minpathmtu database variable.
Recommendations For F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM versions prior to 11.4.1 HF10, update to version 11.4.1 HF10 or later. For F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM versions 11.5.x prior to 11.5.4, update to version 11.5.4 or later. For F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM versions 11.6.x prior to 11.6.0 HF6, update to version 11.6.0 HF6 or later. For F5 BIG-IP PSM versions prior to 11.4.1 HF10, update to version 11.4.1 HF10 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-19

Related Identifiers

CVE-2015-8240

Affected Products

F5 Big-Ip Apm
F5 Big-Ip Analytics
F5 Big-Ip Gtm
F5 Big-Ip Ltm
F5 Big-Ip Link Controller
F5 Big-Ip Pem