F5 BIG-IP SSL Orchestrator Traffic Management Microkernel Denial-of-Service Vulnerability

A denial-of-service vulnerability has been identified in F5 BIG-IP SSL Orchestrator versions 15.1.0 through 15.1.9, 16.1.0 through 16.1.3, and 17.1.0 through 17.1.2. When BIG-IP SSL Orchestrator is enabled, certain undisclosed traffic can lead to the termination of the Traffic Management Microkernel (TMM) process. This disruption causes a temporary outage as the TMM process restarts, allowing remote, unauthenticated attackers to create a denial-of-service condition on the BIG-IP system.

Impact

Exploitation of this vulnerability disrupts traffic management by causing the TMM process to crash and restart, temporarily halting data processing. This creates a denial-of-service condition on the BIG-IP system, impacting application availability.

Remediation

Users can upgrade to BIG-IP SSL Orchestrator versions 17.5.1 or 17.1.3 to address this vulnerability. For those on BIG-IP 15.x, no update candidate currently exists, but F5 recommends upgrading to a version with the fix. Consult the F5 BIG-IP hotfix and point release matrix for guidance.