F5 Networks BIG-IP : BIG-IP TMM vulnerability (K76328112)

high Nessus Plugin ID 132575

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

BIG-IP virtual servers with Loose Initiation enabled on a FastL4 profile may be subject to excessive flow usage under undisclosed conditions. (CVE-2019-6683)

Impact

This vulnerability is present only on BIG-IP Virtual Edition (VE) systems with limited bandwidth licenses. BIG-IP VE products with unlimited bandwidth are not affected.

Memory usage increases, triggering the aggressive sweeper until exhaustion. Affected systems log Inet port exhaustion messages in the /var/log/ltm file.

Traffic processing is disrupted while the Traffic Management Microkernel (TMM) restarts. If the affected F5 device is configured as part of a device group, the system triggers a failover to the peer device.

Solution

Upgrade to one of the non-vulnerable versions listed in the F5 Solution K76328112.

See Also

https://my.f5.com/manage/s/article/K76328112

Plugin Details

Severity: High

ID: 132575

File Name: f5_bigip_SOL76328112.nasl

Version: 1.6

Type: local

Published: 12/31/2019

Updated: 11/3/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2019-6683

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_advanced_firewall_manager, cpe:/a:f5:big-ip_application_acceleration_manager, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_application_visibility_and_reporting, cpe:/a:f5:big-ip_domain_name_system, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_policy_enforcement_manager, cpe:/h:f5:big-ip

Required KB Items: Host/local_checks_enabled, Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version

Exploit Ease: No known exploits are available

Patch Publication Date: 12/20/2019

Vulnerability Publication Date: 12/23/2019

Reference Information

CVE: CVE-2019-6683