F5 Networks BIG-IP : TLS vulnerability (K02714910)
Medium Nessus Plugin ID 118598
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionIn some circumstances, the Traffic Management Microkernel (TMM) does not properly handle certain malformed TLS1.2 records, which allows remote attackers to cause a denial-of-service (DoS) or possible remote command execution on the BIG-IP system. (CVE-2017-6164)
A remote attacker may be able cause a denial of service (DoS) or possibly run a commandremotelyon the BIG-IP system.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K02714910.