Main Vulnerability Database SB2019091010

SB2019091010 - Denial of service in F5 Networks BIG-IP Wireshark/tshark component

Published: September 10, 2019

Security Bulletin ID SB2019091010

Severity

Low

Patch available

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Resource management error (CVE-ID: CVE-2019-12295)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to unspecified error when processing untrusted data in the Wireshark dissection engine in epan/packet.c. A remote attacker can trick the victim to view the malformed packet trace file and crash the application.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://api-u.f5.com/support/kb-articles/K06725231?cacheFlag=false