F5 Networks BIG-IP : TMM vulnerability (K46940010)
Medium Nessus Plugin ID 118669
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionA malformed Transport Layer Security (TLS) handshake causes the
Traffic Management Microkernel (TMM) to stop responding, leading to a
disruption of service. This issue is only exposed on the data plane
when a Proxy SSL configuration is enabled. The control plane is not
impacted by this issue. (CVE-2018-5513)
The BIG-IP system may temporarily fail to process traffic as it
recovers from a TMM restart, and devices configured as a high
availability (HA) pair may fail over.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5