PT-2017-16922 · F5 · F5 Big-Ip
Published
2017-10-27
·
Updated
2017-11-16
·
CVE-2017-6163
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
F5 BIG-IP software versions 11.4.0 through 11.5.4
F5 BIG-IP software versions 11.6.0 through 11.6.1
F5 BIG-IP software versions 12.0.0 through 12.1.2
Description
The issue occurs when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams beyond the advertised limit, causing a disruption of service. The Traffic Management Microkernel (TMM) data plane is exposed to this issue.
Recommendations
For versions 11.4.0 through 11.5.4, consider restricting the number of concurrent streams to the advertised limit to prevent disruption of service.
For versions 11.6.0 through 11.6.1, consider restricting the number of concurrent streams to the advertised limit to prevent disruption of service.
For versions 12.0.0 through 12.1.2, consider restricting the number of concurrent streams to the advertised limit to prevent disruption of service.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
F5 Big-Ip