F5 Networks BIG-IP : TMM vulnerability (K94105051)
Low Nessus Plugin ID 118703
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionA remote attacker may be able to disrupt services on the BIG-IP if the TMM virtual server is configured with a HTML or a Rewrite profile. TMM may restart while processing some specially prepared HTML content from the back end. (CVE-2018-5537)
The BIG-IP system may temporarily fail to process traffic as it recovers from a Traffic Management Microkernel (TMM) restart. If the BIG-IP system is configured for high availability (HA), it fails over to a peer system.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K94105051.