F5 Networks BIG-IP : BIG-IP iControl and tmsh vulnerability (K77313277)
Medium Nessus Plugin ID 118697
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionIn BIG-IP 14.0.0-18.104.22.168 or 13.0.0-22.214.171.124, iControl and TMSH usage by authenticated users may leak a small amount of memory when executing commands. (CVE-2018-15325)
This vulnerability may lead to an out-of-memory condition in the BIG-IP control plane, resulting in performance degradation and possible failover to another system in the high availability (HA) group.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K77313277.