F5 Networks BIG-IP : BIG-IP PEM vulnerability (K10329515)
Medium Nessus Plugin ID 118627
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionUnder certain conditions, TMM may produce a core file and restart when processing compressed data though a virtual server with an associated PEM profile using the content insertion option. (CVE-2018-5508)
The Traffic Management Microkernel (TMM) generates a core file and restarts. If configured as part of a high availability (HA) device group, the BIG-IP system fails over to the peer device.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K10329515.