F5 Networks BIG-IP : TMM vulnerability (K43625118)
Medium Nessus Plugin ID 118661
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAn attacker sending specially crafted SSL records to a SSL Virtual
Server will cause corruption in the SSL data structures leading to
intermittent decrypt BAD_RECORD_MAC errors. Clients will be unable to
access the application loadbalanced by a virtual server with an SSL
profile until tmm is restarted. (CVE-2018-15317)
The vulnerability allows remote attackers to cause a denial-of-service
(DoS) on the BIG-IP system.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5