CVE-2018-5527

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions 13.1.0 through 13.1.0.7

Description A remote attacker can force the Traffic Management Microkernel (tmm) to leak memory on virtual servers configured with a Client SSL or Server SSL profile that has the SSL Forward Proxy feature enabled. This results in increased system memory usage over time, potentially causing decreased performance or a system reboot due to memory exhaustion.

Recommendations For F5 BIG-IP versions 13.1.0 through 13.1.0.7, consider disabling the SSL Forward Proxy feature as a temporary workaround to minimize the risk of memory leakage until a patch is available.