F5 Networks BIG-IP : vCMP vulnerability (K64721111)
Medium Nessus Plugin ID 118691
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThrough undisclosed methods,adjacent network attackers can cause a
denial of service for vCMP guest and host systems. Attacks must be
sourced from an adjacent network (Layer 2). (CVE-2018-5531)
An attacker from an adjacent network may be able to cause a
denial-of-service (DoS) attack on the BIG-IP Virtual Clustered
Multiprocessing (vCMP) host and any defined guests by exploiting the
vulnerability on the vCMP guest.
BIG-IQ, F5 iWorkflow, Enterprise Manager, ARX, LineRate, and Traffix
There is no impact; these F5 products are not affected by this
SolutionUpgrade to one of the non-vulnerable versions listed in the F5