K22843911 : F5 Path MTU Discovery vulnerability CVE-2015-7759

2016-01-0800:00:00

my.f5.com

4.3 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.9%

JSON

Security Advisory Description

BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 12.0.0 before HF1, when the TCP profile for a virtual server is configured with Congestion Metrics Cache enabled, allow remote attackers to cause a denial of service (Traffic Management Microkernel (TMM) restart) via crafted ICMP packets, related to Path MTU (PMTU) discovery. (CVE-2015-7759)

Impact

A remote attacker may be able to cause the Traffic Management Microkernel (TMM) to restart using maliciously constructed ICMP packets.

Virtual servers using a TCP profile configured with Congestion Metrics Cache enabled are affected by this vulnerability. Congestion Metrics Cache is enabled by default for TCP profiles.

CPENameOperatorVersion
big-iq centralized managementeq4.X.X
big-ip afmeq11.3.0
big-ip afmeq11.4.0
big-ip afmeq11.4.1
big-ip afmeq11.5.0
big-ip afmeq11.5.1
big-ip afmeq11.5.10
big-ip afmeq11.5.2
big-ip afmeq11.5.3
big-ip afmeq11.5.4

Name	Operator	Version
big-iq centralized management	eq	4.X.X
big-ip afm	eq	11.3.0
big-ip afm	eq	11.4.0
big-ip afm	eq	11.4.1
big-ip afm	eq	11.5.0
big-ip afm	eq	11.5.1
big-ip afm	eq	11.5.10
big-ip afm	eq	11.5.2
big-ip afm	eq	11.5.3
big-ip afm	eq	11.5.4

Rows per page:

1-10 of 3051