Denial of Service Vulnerability in F5 BIG-IP Products
CVE-2015-4638

Currently unrated

Key Information:

Vendor
F5
Vendor
CVE Published:
18 September 2015

Summary

The FastL4 virtual server component within F5 BIG-IP products is prone to a denial of service vulnerability that can be exploited by remote attackers. By sending specially crafted fragmented packets, an attacker may force the Traffic Management Microkernel to restart, resulting in service interruptions. Affected versions include various releases of BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM between specified versions. It's imperative for users to assess their deployments and apply relevant security updates to mitigate associated risks.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.