F5 Networks BIG-IP : TCP vulnerability (K35358312)

medium Nessus Plugin ID 91054

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

Under limited conditions, an invalid TCP segment can lead to a Denial of Service for the High-Speed Bridge (HSB) on the following platforms:
3900, 6900, 8900, 8950, 11000, 11050, PB100 or PB200. This issue is only exposed on virtual servers while Software SYN cookies are configured for use and currently engaged. The scope of the exposure is limited to the BIG-IP data plane. The access vector is network based and authentication is not a requirement for attack. There is no control plane exposure to this issue. (CVE-2015-8099) Note : The affected platforms do not support the Hardware SYN cookie protection feature. This feature appears in the profile configuration; however, it is not configurable for the noted platforms. For more information about SYN cookie protection, refer to K14779: Overview of BIG-IP SYN cookie protection (11.3.x - 12.x).

Solution

Upgrade to one of the non-vulnerable versions listed in the F5 Solution K35358312.

See Also

https://support.f5.com/csp/article/K14779

https://support.f5.com/csp/article/K35358312

Plugin Details

Severity: Medium

ID: 91054

File Name: f5_bigip_SOL35358312.nasl

Version: 2.11

Type: local

Published: 5/12/2016

Updated: 1/4/2019

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS v3

Risk Factor: Medium

Base Score: 5.9

Temporal Score: 5.2

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_advanced_firewall_manager, cpe:/a:f5:big-ip_application_acceleration_manager, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_application_visibility_and_reporting, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_policy_enforcement_manager, cpe:/a:f5:big-ip_wan_optimization_manager, cpe:/a:f5:big-ip_webaccelerator, cpe:/h:f5:big-ip, cpe:/h:f5:big-ip_protocol_security_manager

Required KB Items: Host/local_checks_enabled, Settings/ParanoidReport, Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version

Exploit Ease: No known exploits are available

Patch Publication Date: 5/10/2016

Reference Information

CVE: CVE-2015-8099