F5 Networks BIG-IP : TMM vulnerability (K46940010)
Medium Nessus Plugin ID 118669
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionA malformed Transport Layer Security (TLS) handshake causes the Traffic Management Microkernel (TMM) to stop responding, leading to a disruption of service. This issue is only exposed on the data plane when a Proxy SSL configuration is enabled. The control plane is not impacted by this issue. (CVE-2018-5513)
The BIG-IP system may temporarily fail to process traffic as it recovers from a TMM restart, and devices configured as a high availability (HA) pair may fail over.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K46940010.