New Bug discovered in Big-Ip Systems could allow the damage of TMM process

A remote attacker can execute a denial-of – service (DoS) attack on a remote attacker. By forcing the TMM process to restart, the BIG-IP device

Tuesday, November 3, 2020, 11:03 GMT

Definition of Security Advisory:

Under some situations, certain client-side format warnings are sent to the BIG-IP Traffic Control can be triggered by virtual servers equipped with DataSafe, Restartarting of the microkernel (TMM), resulting in a Denial-of – Service (DoS). 2020-5946) CVE

Image source;

TMM has a weakness in terms of security. The weakness stems from the fact that, in certain situations, client warnings are sent to BIG-IP in some formats. DataSafe-configured virtual servers will trigger traffic management and restart the microkernel (TMM). Application rejection (DoS). It is influenced by the following goods and versions: BIG-IP 16.0.0, 15.0.0 to 15.1.0, 14.1.0 to 14.1.2.


At present, the manufacturer has released upgrade patches to fix the vulnerabilities. The link to obtain the patches.