CVE-2015-8240

7.5HIGH

Key Information:

Vendor: F5
Status: Big-ip Analytics; Big-ip Link Controller; Big-ip Protocol Security Module; Big-ip Application Security Manager
Vendor: CVE Published:; 11 April 2016

Summary

The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and BIG-IP PEM before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.0 HF6 and BIG-IP PSM before 11.4.1 HF10 does not properly handle TCP options, which allows remote attackers to cause a denial of service via unspecified vectors, related to the tm.minpathmtu database variable.

References

https://support.f5.com/kb/en-us/solutions/public/k/06/sol...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1035367

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 11, 2016
Vulnerability Reserved
Nov 18, 2015