Memory corruption

2018-06-2720:29:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.4%

JSON

On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods against virtual servers configured with a Client SSL or Server SSL profile that has the SSL Forward Proxy feature enabled can force the Traffic Management Microkernel (tmm) to leak memory. As a result, system memory usage increases over time, which may eventually cause a decrease in performance or a system reboot due to memory exhaustion.

CPENameOperatorVersion
big-ip_access_policy_managerge13.0.0
big-ip_access_policy_managerle13.1.0.7
big-ip_advanced_firewall_managerge13.0.0
big-ip_advanced_firewall_managerle13.1.0.7
big-ip_analyticsge13.0.0
big-ip_analyticsle13.1.0.7
big-ip_application_acceleration_managerge13.0.0
big-ip_application_acceleration_managerle13.1.0.7
big-ip_application_security_managerge13.0.0
big-ip_application_security_managerle13.1.0.7

Name	Operator	Version
big-ip_access_policy_manager	ge	13.0.0
big-ip_access_policy_manager	le	13.1.0.7
big-ip_advanced_firewall_manager	ge	13.0.0
big-ip_advanced_firewall_manager	le	13.1.0.7
big-ip_analytics	ge	13.0.0
big-ip_analytics	le	13.1.0.7
big-ip_application_acceleration_manager	ge	13.0.0
big-ip_application_acceleration_manager	le	13.1.0.7
big-ip_application_security_manager	ge	13.0.0
big-ip_application_security_manager	le	13.1.0.7