7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP TMM ClientSSL profile, which stems from the vulnerability when the BIG-IP LTM ClientSSL profile is configured on a virtual server with the When performing client certificate authentication with Session Ticket enabled on a virtual server, an undisclosed request can cause the Traffic Management Microkernel (TMM) to terminate, which can be exploited by an attacker to cause a denial of service on a BIG-IP system.