F5 Networks BIG-IP : BIG-IP SOCKS proxy vulnerability (K55225440)
Medium Nessus Plugin ID 118683
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionResponses to SOCKS proxy requests made through the BIG-IP system may
cause a disruption of service provided by theTraffic Management
Microkernel (TMM). The data plane is impacted and exposed only when a
SOCKS proxy profile is attached to a virtual server. The control plane
is not impacted by this vulnerability. (CVE-2017-6148)
An attacker may be able to perform a denial-of-service (DoS) attack on
a BIG-IP system by causing the TMM process to restart.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5