9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.027 Low
EPSS
Percentile
89.4%
The IPv6 Neighbor Discovery Protocol (NDP) implementation does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic by way of a spoofed message that modifies the Forward Information Base (FIB).
Information about this advisory is available at the following locations:
Note: These links take you to a resource outside of AskF5, and it is possible that the documents may be removed without our knowledge.
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2476>
<http://www.kb.cert.org/vuls/id/472363>
F5 Product Development tracked this issue as CR111056 and CR111064 and it was fixed in BIG-IP 10.0.1 and Enterprise Manager 2.0.0. For information about upgrading, refer to the BIG-IP LTM, GTM, Link Controller, ASM, PSM, WebAccelerator, WOM, or Enterprise Manager release notes.