F5 Networks BIG-IP : TMM vulnerability (K94105051)
Low Nessus Plugin ID 118703
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionA remote attacker may be able to disrupt services on the BIG-IP if the
TMM virtual server is configured with a HTML or a Rewrite profile. TMM
may restart while processing some specially prepared HTML content from
the back end. (CVE-2018-5537)
The BIG-IP system may temporarily fail to process traffic as it
recovers from a Traffic Management Microkernel (TMM) restart. If the
BIG-IP system is configured for high availability (HA), it fails over
to a peer system.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5