Vulnerability identifier: #VU3359
Vulnerability risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-20
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
BIG-IP PEM
Hardware solutions /
Security hardware applicances
BIG-IP GTM
Hardware solutions /
Security hardware applicances
BIG-IP ASM
Hardware solutions /
Security hardware applicances
BIG-IP APM
Hardware solutions /
Security hardware applicances
BIG-IP Analytics
Hardware solutions /
Security hardware applicances
BIG-IP AFM
Hardware solutions /
Security hardware applicances
BIG-IP LTM
Hardware solutions /
Security hardware applicances
BIG-IP Link Controller
Hardware solutions /
Routers & switches, VoIP, GSM, etc
BIG-IP DNS
Hardware solutions /
Routers & switches, VoIP, GSM, etc
BIG-IP AAM
Hardware solutions /
Routers & switches, VoIP, GSM, etc
BIG-IP
Hardware solutions /
Firmware
Vendor: F5 Networks
Description
The vulnerability allows a remote attacker to cause denial of service conditions.
The vulnerability exists due to an input validation error within virtual server when parsing RADIUS messages via an iRule. A remote attacker can send specially crafted network packets to vulnerable device and cause denial of service.
Successful exploitation of the vulnerability may allow an attacker to cause Traffic Management Microkernel (TMM) process to stop responding.
Mitigation
Install patch from vendor's website.
Vulnerable software versions
BIG-IP PEM: 11.6.1 - 12.1.1
BIG-IP Link Controller: 11.6.1 - 12.1.1
BIG-IP GTM: 11.6.1
BIG-IP DNS: 12.1.0 - 12.1.1
BIG-IP ASM: 11.6.1 - 12.1.1
BIG-IP APM: 11.6.1 - 12.1.1
BIG-IP Analytics: 11.6.1 - 12.1.1
BIG-IP AFM: 11.6.1 - 12.1.1
BIG-IP AAM: 11.6.1 - 12.1.1
BIG-IP LTM: 11.6.1 - 12.1.1
BIG-IP: 11.6.1, 12.0.0, 12.1.0
External links
http://support.f5.com/csp/#/article/K92859602
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.