Detections
Analytics
F5 Networks BIG-IP : TMM SCTP vulnerability (K26464312)
high Nessus Plugin ID 139819
Language:
Synopsis
The remote device is missing a vendor-supplied security patch.Description
The Traffic Management Microkernel (TMM) may stop responding when processing Stream Control Transmission Protocol (SCTP) traffic when traffic volume is high. This vulnerability affects TMM by way of a virtual server configured with an SCTP profile.(CVE-2020-5918)Impact
Traffic processing is disrupted while TMM restarts. If the affected BIG-IP system is configured as part of a device group, the system triggers a failover to the peer device.
Solution
Upgrade to one of the non-vulnerable versions listed in the F5 Solution K26464312.See Also
Plugin Details
Severity: High
ID: 139819
File Name: f5_bigip_SOL26464312.nasl
Version: 1.6
Type: local
Published: 8/26/2020
Updated: 11/2/2023
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2020-5918
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/h:f5:big-ip, cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_advanced_firewall_manager, cpe:/a:f5:big-ip_application_acceleration_manager, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_application_visibility_and_reporting, cpe:/a:f5:big-ip_domain_name_system, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_policy_enforcement_manager
Required KB Items: Host/local_checks_enabled, Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version
Exploit Ease: No known exploits are available
Patch Publication Date: 8/25/2020
Vulnerability Publication Date: 8/26/2020
Reference Information
CVE: CVE-2020-5918
IAVA: 2020-A-0395-S