Denial of Service Vulnerability in F5 BIG-IP Products
CVE-2015-4638
Currently unrated
Key Information:
- Vendor
- F5
- Vendor
- CVE Published:
- 18 September 2015
Summary
The FastL4 virtual server component within F5 BIG-IP products is prone to a denial of service vulnerability that can be exploited by remote attackers. By sending specially crafted fragmented packets, an attacker may force the Traffic Management Microkernel to restart, resulting in service interruptions. Affected versions include various releases of BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM between specified versions. It's imperative for users to assess their deployments and apply relevant security updates to mitigate associated risks.
References
Timeline
Vulnerability published
Vulnerability Reserved