F5 Networks BIG-IP : TMM vulnerability (K16248201)

High Nessus Plugin ID 118634

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

If an MPTCP connection receives an abort signal while the initial flow
is not the primary flow, the initial flow will remain after the
closing procedure is complete. TMM may restart and produce a core file
as a result of this condition.(CVE-2018-15318)

Impact

The BIG-IP system temporarily fails to process traffic as it recovers
from a Traffic Management Microkernel (TMM) restart, and devices
configured in a device group may fail over.

Solution

Upgrade to one of the non-vulnerable versions listed in the F5
Solution K16248201.

See Also

https://support.f5.com/csp/article/K16248201

Plugin Details

Severity: High

ID: 118634

File Name: f5_bigip_SOL16248201.nasl

Version: 1.5

Type: local

Published: 2018/11/02

Modified: 2019/01/04

Dependencies: 76940

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_advanced_firewall_manager, cpe:/a:f5:big-ip_application_acceleration_manager, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_application_visibility_and_reporting, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_policy_enforcement_manager, cpe:/a:f5:big-ip_webaccelerator, cpe:/h:f5:big-ip

Patch Publication Date: 2018/10/30

Reference Information

CVE: CVE-2018-15318