F5 Networks BIG-IP : BIG-IP Client SSL vulnerability (K43121447)
Medium Nessus Plugin ID 118660
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAttackers may be able to disrupt services on the BIG-IP system with
maliciously crafted client certificate. This vulnerability affects
virtual servers associated with Client SSL profile which enables the
use of client certificate authentication. Client certificate
authentication is not enabled by default in Client SSL profile. There
is no control plane exposure. (CVE-2018-5502)
The BIG-IP system may temporarily fail to process traffic as it
recovers from a Traffic Management Microkernel (TMM) restart, and
devices configured as a high-availability (HA) pair may fail over.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5