The IPv6 Neighbor Discovery Protocol (NDP) implementation does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic by way of a spoofed message that modifies the Forward Information Base (FIB).
Information about this advisory is available at the following locations:
Note: These links take you to a resource outside of AskF5, and it is possible that the documents may be removed without our knowledge.
F5 Product Development tracked this issue as CR111056 and CR111064 and it was fixed in BIG-IP 10.0.1 and Enterprise Manager 2.0.0. For information about upgrading, refer to the BIG-IP LTM, GTM, Link Controller, ASM, PSM, WebAccelerator, WOM, or Enterprise Manager release notes.