Design/Logic Flaw

2013-10-2617:55:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.3%

JSON

The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, and WOM 10.0.0 through 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.4.1; and WebAccelerator 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.3.0 might change a TCP connection to the ESTABLISHED state before receiving the ACK packet, which allows remote attackers to cause a denial of service (SIGFPE or assertion failure and TMM restart) via unspecified vectors.

CPENameOperatorVersion
big-ip_access_policy_managereq11.0.0
big-ip_access_policy_managereq10.2.0
big-ip_access_policy_managereq10.1.0
big-ip_access_policy_managereq10.2.1
big-ip_access_policy_managereq10.2.2
big-ip_application_security_managereq10.2.2
big-ip_application_security_managereq10.2.1
big-ip_application_security_managereq10.0.0
big-ip_application_security_managereq10.0.1
big-ip_application_security_managereq10.2.0

Name	Operator	Version
big-ip_access_policy_manager	eq	11.0.0
big-ip_access_policy_manager	eq	10.2.0
big-ip_access_policy_manager	eq	10.1.0
big-ip_access_policy_manager	eq	10.2.1
big-ip_access_policy_manager	eq	10.2.2
big-ip_application_security_manager	eq	10.2.2
big-ip_application_security_manager	eq	10.2.1
big-ip_application_security_manager	eq	10.0.0
big-ip_application_security_manager	eq	10.0.1
big-ip_application_security_manager	eq	10.2.0