Resource Consumption Issue in BIG-IP LTM by F5 Networks
CVE-2019-6590

5.9MEDIUM

Key Information:

Vendor: F5
Status: Big-ip (ltm)
Vendor: CVE Published:; 29 January 2019

Summary

A resource consumption vulnerability exists in F5 Networks BIG-IP LTM versions 13.0.0 to 13.0.1 and 12.1.0 to 12.1.3.6. This issue occurs under specific conditions when the Traffic Management Microkernel (TMM) is processing SSL Session ID Persistence traffic, leading to excessive resource usage. This can potentially affect system performance and malicious exploits should be addressed to maintain network integrity. Users are advised to update to the latest versions to mitigate the risks associated with this vulnerability.

Affected Version(s)

BIG-IP (LTM) 13.0.0-13.0.1, 12.1.0-12.1.3.6

References

https://support.f5.com/csp/article/K55101404

x_refsource_CONFIRM

http://www.securityfocus.com/bid/106942

vdb-entryx_refsource_BID

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 29, 2019
Vulnerability Reserved
Jan 22, 2019