F5 Networks BIG-IP : BIG-IP HSB vulnerability (K26455071)

medium Nessus Plugin ID 123031

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

Under certain conditions, hardware systems with a High-Speed Bridge (HSB) using non-default Layer 2 forwarding configurations may experience a lockup of the HSB. (CVE-2019-6604)

This vulnerability occurs when all of the following conditions are met:

A VLAN group is configured.

The vlangroup.flow.allocate database key is disabled. Note: This is not the default configuration.

You are running the BIG-IP system or BIG-IP Virtual Clustered Multiprocessing (vCMP) guests on one of the following hardware platforms:

BIG-IP i850 (C117)

BIG-IP i2x00 (C117)

BIG-IP 3900 (C106)

BIG-IP i4x00 (C115)

BIG-IP 5000 (C109)

BIG-IP i5x00 (C119)

BIG-IP i5820-DF (C125)

BIG-IP 6900 (D104)

BIG-IP 7000 (D110)

BIG-IP 8900 (D106)

BIG-IP i7x00 (C118)

BIG-IP i7820-DF (C126)

BIG-IP 8950 (D107)

BIG-IP 10000/102x0/ (D113)

BIG-IP 10350 (D112)

BIG-IP i10x00 (C116)

BIG-IP 11000 (E101)

BIG-IP 11050 (E102)

BIG-IP i11x00 (C123)

BIG-IP i11800-DS (C124)

BIG-IP 12250 (D111)

BIG-IP i15x00 (D116)

VIPRION 2400 (B2100, B2150, B2250)

VIPRION (B4100, B4200, B4300, B4340, B4450)

Note: BIG-IP Virtual Edition (VE) and Cloud Edition products are not affected.

Impact

The BIG-IP system stops processing traffic, eventually leading to a failover to another host in the high availability (HA) group.

Solution

Upgrade to one of the non-vulnerable versions listed in the F5 Solution K26455071.

See Also

https://my.f5.com/manage/s/article/K26455071

Plugin Details

Severity: Medium

ID: 123031

File Name: f5_bigip_SOL26455071.nasl

Version: 1.4

Type: local

Published: 3/25/2019

Updated: 11/2/2023

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2019-6604

CVSS v3

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_advanced_firewall_manager, cpe:/a:f5:big-ip_application_acceleration_manager, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_application_visibility_and_reporting, cpe:/a:f5:big-ip_domain_name_system, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_policy_enforcement_manager, cpe:/a:f5:big-ip_webaccelerator, cpe:/h:f5:big-ip

Required KB Items: Host/local_checks_enabled, Settings/ParanoidReport, Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version

Exploit Ease: No known exploits are available

Patch Publication Date: 3/21/2019

Vulnerability Publication Date: 3/28/2019

Reference Information

CVE: CVE-2019-6604