Vulnerabilities > CVE-2019-6677 - Unspecified vulnerability in F5 products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
f5
nessus

Summary

On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, under certain conditions when using custom TCP congestion control settings in a TCP profile, TMM stops processing traffic when processed by an iRule.

Vulnerable Configurations

Part Description Count
Application
F5
801

Nessus

NASL familyF5 Networks Local Security Checks
NASL idF5_BIGIP_SOL06747393.NASL
descriptionUnder certain conditions, when using custom TCP congestion control settings in a TCP profile, TMM stops processingtraffic when processed by an iRule. (CVE-2019-6677) Impact The Traffic Management Microkernel (TMM) may generate a core file and restart, causing a traffic disruption or failover event.This only impacts the data plane under specific, non-default configurations. There is no control plane exposure.
last seen2020-06-01
modified2020-06-02
plugin id132553
published2019-12-31
reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/132553
titleF5 Networks BIG-IP : TMM vulnerability (K06747393)