vulnerability

F5 Networks: K65615624 (CVE-2017-6166): BIG-IP FastL4 TMM vulnerability CVE-2017-6166

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:N/A:P)	Nov 6, 2017	Nov 6, 2017	Feb 1, 2018

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Published

Nov 6, 2017

Added

Nov 6, 2017

Modified

Feb 1, 2018

Description

In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel (TMM) may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. If the affected BIG-IP system is configured as part of a device group, it will trigger a failover to the peer device.

Solution

f5-big-ip-upgrade-latest

References

URL-https://support.f5.com/csp/article/K65615624
BID-102264
SECTRACK-1039949
NVD-CVE-2017-6166

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today