F5 Networks BIG-IP : BIG-IP IPsec tunnel endpoint vulnerability (K05263202)
Medium Nessus Plugin ID 118623
Synopsis
The remote device is missing a vendor-supplied security patch.
Description
When the BIG-IP system is configured with a wildcard IPsec tunnel endpoint, it may allow a remote attacker to disrupt or impersonate the tunnels that have completed phase 1 IPsec negotiations. To exploit this vulnerability, the attacker must possess the credentials necessary to negotiate phase 1 of the IPsec exchange; in many environments, this limits the attack surface to other endpoints under the same administration. (CVE-2017-6156)
A remote attacker may be able to disrupt or impersonate the tunnels that have completed phase 1 IPsec negotiations.
Solution
Upgrade to one of the non-vulnerable versions listed in the F5 Solution K05263202.