SB2017091903 - Denial of service in F5 Networks products
Published: September 19, 2017
Security Bulletin ID
SB2017091903
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Denial of service (CVE-ID: CVE-2017-6147)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists in the SSL Forward Proxy feature of multiple F5 Networks BIG-IP products due to improper processing of undisclosed requests. A remote attacker can send series of undisclosed requests, trigger the "SSL Forward Proxy" setup to connect to untrusted servers and cause the Traffic Management Microkernel (TMM) component to restart.
Successful exploitation of the vulnerability results in denial of service.
Note: This vulnerability affects only devices running a BIG-IP virtual server that has the SSL Forward Proxy option enabled in the assigned client and server SSL profiles.
Remediation
Install update from vendor's website.