Vulnerabilities > CVE-2019-6590 - Unspecified vulnerability in F5 Big-Ip Local Traffic Manager
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
On BIG-IP LTM 13.0.0 to 13.0.1 and 12.1.0 to 12.1.3.6, under certain conditions, the TMM may consume excessive resources when processing SSL Session ID Persistence traffic.
Vulnerable Configurations
Nessus
| NASL family | F5 Networks Local Security Checks |
| NASL id | F5_BIGIP_SOL55101404.NASL |
| description | Under certain conditions, the TMM may consume excessive resources when processing SSL Session ID Persistence traffic. (CVE-2019-6590) Impact BIG-IP This vulnerability may result as a denial-of-service (DOS) attack on the affected BIG-IP systemwhen the systemconsumes excessive memory resources. This issue affects only BIG-IP systems provisioned with the LTM module.The affected BIG-IP system temporarily fails to process traffic as it recovers from a Traffic Management Microkernel (TMM) restart, and devices configured in a device group may fail over. Enterprise Manager / BIG-IQ / iWorkflow / Traffix SDC There is no impact for theseF5 products as theyare not affected by this vulnerability. |
| last seen | 2020-03-17 |
| modified | 2019-01-30 |
| plugin id | 121441 |
| published | 2019-01-30 |
| reporter | This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/121441 |
| title | F5 Networks BIG-IP : TMM vulnerability (K55101404) |