Vulnerability identifier: #VU8492
Vulnerability risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-20
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
BIG-IP Analytics
Hardware solutions /
Security hardware applicances
BIG-IP PEM
Hardware solutions /
Security hardware applicances
BIG-IP ASM
Hardware solutions /
Security hardware applicances
BIG-IP APM
Hardware solutions /
Security hardware applicances
BIG-IP AFM
Hardware solutions /
Security hardware applicances
BIG-IP LTM
Hardware solutions /
Security hardware applicances
BIG-IP WebSafe
Server applications /
Server solutions for antivurus protection
BIG-IP Link Controller
Hardware solutions /
Routers & switches, VoIP, GSM, etc
BIG-IP DNS
Hardware solutions /
Routers & switches, VoIP, GSM, etc
BIG-IP AAM
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Vendor: F5 Networks
Description
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in the SSL Forward Proxy feature of multiple F5 Networks BIG-IP products due to improper processing of undisclosed requests. A remote attacker can send series of undisclosed requests, trigger the "SSL Forward Proxy" setup to connect to untrusted servers and cause the Traffic Management Microkernel (TMM) component to restart.
Successful exploitation of the vulnerability results in denial of service.
Note: This vulnerability affects only devices running a BIG-IP virtual server
that has the SSL Forward Proxy option enabled in the assigned client
and server SSL profiles.
Mitigation
The vulnerability is addressed in the following versions:
12.0.0 - 12.1.2 for BIG-IP LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP DNS, BIG-IP Link Controller, BIG-IP PEM, BIG-IP WebSafe.
11.4.0 - 11.6.1 for BIG-IP LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM.
11.2.1 for BIG-IP LTM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP Edge Gateway, BIG-IP GTM, BIG-IP Link Controller.
Vulnerable software versions
BIG-IP Analytics: 12.1.2 HF1 - 13.0.0
BIG-IP WebSafe: 12.1.2 HF1 - 13.0.0
BIG-IP PEM: 12.1.2 HF1 - 13.0.0
BIG-IP Link Controller: 12.1.2 HF1 - 13.0.0
BIG-IP DNS: 12.1.2 HF1 - 13.0.0
BIG-IP ASM: 12.1.2 HF1 - 13.0.0
BIG-IP APM: 12.1.2 HF1 - 13.0.0
BIG-IP AFM: 12.1.2 HF1 - 13.0.0
BIG-IP AAM: 12.1.2 HF1 - 13.0.0
BIG-IP LTM: 12.1.2 HF1 - 13.0.0
External links
http://support.f5.com/csp/article/K43945001
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.