F5 AFM Signature Matching Vulnerability

For unspecified traffic patterns, BIG-IP AFM IPS engine may spend an excessive amount of time matching the traffic against signatures, resulting in Traffic Management Microkernel (TMM) restarting and traffic disruption.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

不加限制或调节的资源分配

F5 BIG-IP AFM 安全漏洞

F5 BIG-IP AFM是美国F5公司的一款用于防护DDos攻击的高级防火墙产品。 F5 BIG-IP AFM 存在安全漏洞，该漏洞源于对于未指定的流量模式，BIG-IP AFM IPS 引擎可能会花费过多的时间将流量与签名进行匹配，从而导致流量管理微内核 (TMM) 重新启动和流量中断。

N/A

N/A