PT-2019-18211 · F5 · F5 Big-Ip

Published: 2019-07-03 · Updated: 2023-02-16 · CVE-2019-6629

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

F5 BIG-IP versions 14.1.0 through 14.1.0.5

Description

The issue occurs when undisclosed SSL traffic is sent to a virtual server configured with a Client SSL profile that has session tickets enabled and uses DHE cipher suites. This can cause the Traffic Management Microkernel (TMM) to fail and restart. The impact is limited to the data plane, with no effect on the control plane.

Recommendations

For versions 14.1.0 through 14.1.0.5, consider disabling session tickets in the Client SSL profile or avoiding the use of DHE cipher suites as a temporary workaround until a patch is available. Restrict access to the virtual server configured with the affected Client SSL profile to minimize the risk of exploitation.

Fix

Related Identifiers

CVE-2019-6629

Affected Products

F5 Big-Ip