Multiple F5 BIG-IP Products TMM HTTP Request Denial of Service Vulnerability [CVE-2017-6133]
A vulnerability in the Traffic Management Microkernel (TMM) URI parser library of multiple F5 BIG-IP products could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability is due to improper processing of HTTP requests by an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted system. An exploit could cause the TMM component of the system to generate a core file and restart, resulting in a DoS condition.
F5 has confirmed the vulnerability and released software updates.
CVE Number
CVE-2017-6133
Administrators are advised to allow only trusted users to have network access.
Administrators can help protect affected systems from external attacks by using a solid firewall strategy.
Administrators are advised to monitor affected systems.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.