F5 Networks BIG-IP : RADIUS authentication vulnerability (K62750376)
Medium Nessus Plugin ID 118688
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionUsing RADIUS authentication responses from a RADIUS server with IPv6 addresses may cause TMM to crash, leading to a failover event.
When a BIG-IP system receives a RADIUS authentication response from a IPv6 RADIUS server, the affected system produces a Traffic Management Microkernel (TMM) core file and restarts TMM, resulting in a failover event. This vulnerability affects only BIG-IP systems configured with RADIUS authentication for BIG-IP administrative users.
BIG-IQ / F5 iWorkflow / Enterprise Manager / ARX / LineRate / Traffix SDC
There is no impact; these F5 products are not affected by this vulnerability.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K62750376.