F5 Networks BIG-IP : TMM vulnerability (K72442354)
Medium Nessus Plugin ID 118695
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionUndisclosed traffic patterns may lead to denial of service conditions for the BIG-IP system. The configuration which exposes this condition is the BIG-IP self IP address which is part of a VLAN group and has the Port Lockdown setting configured with anything other than 'allow-all'. (CVE-2018-15320)
The data plane of the BIG-IP virtual serversand the management addressare not affected. The BIG-IP self IP address that has the Port Lockdown setting configured with anything other than allow-all is affected by this vulnerability.
BIG-IQ / iWorkflow / Enterprise Manager / Traffix SDC
There is no impact on these F5 products; they are not affected by this vulnerability.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K72442354.