TMM Crash Vulnerability in F5 BIG-IP LTM Software

TMM Crash Vulnerability in F5 BIG-IP LTM Software

CVE-2017-6162 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, 11.2.1, in some cases TMM may crash when processing TCP traffic. This vulnerability affects TMM via a virtual server configured with TCP profile. Traffic processing is disrupted while Traffic Management Microkernel (TMM) restarts. If the affected BIG-IP system is configured to be part of a device group, it will trigger a failover to the peer device.

Learn more about our Cis Benchmark Audit For F5.