F5 Networks BIG-IP : F5 BIG-IP TMM vulnerability (K31404801)
Medium Nessus Plugin ID 118652
Synopsis: The remote device is missing a vendor-supplied security patch.
Description: In versions 13.0.0, 12.0.0-12.1.3, or 11.6.0-11.6.2, an F5 BIG-IP virtual server using the URL categorization feature may cause the Traffic Management Microkernel (TMM) to produce a core file when it receives malformed URLs during categorization (CVE-2017-6169).
An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group.
This vulnerability affects BIG-IP systems with the following configuration:
- The BIG-IP system has Policy Enforcement Manager (PEM) provisioned.
- The URL categorization feature is licensed on the system.
- One or more virtual servers use URL categorization through one of the following:
  - An iRule.
  - A Centralized Policy Matching (CPM) rule.
  - A BIG-IP PEM policy.
- One or more virtual servers process malformed URL categorization input.
Note: The URL categorization feature enables you to enforce policies configured as part of the subscriber profile based on the URL category type; the URL categorization is obtained by querying an internal repository.
Solution: Upgrade to one of the non-vulnerable versions listed in the F5 Solution K31404801.