Operational Defect Database
BugZero found this defect 1434 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
F5 | 915221
DoS unconditionally logs MCP messages to /var/tmp/mcpd.out
Last update date:
5/17/2024
Affected products:
BIG-IP
BIG-IP AFM
BIG-IP DDHD
Affected releases:
13.1.0
13.1.0.1
13.1.0.2
13.1.0.3
13.1.0.4
13.1.0.5
13.1.0.6
13.1.0.7
13.1.0.8
13.1.1
13.1.1.2
13.1.1.3
Fixed releases:
No fixed releases provided.
Description:
Severity: 3-Major ... Symptoms ... Excessive and large DoS debug messages associated with tmsh commands and stat queries are logged to /var/tmp/mcpd.out which is not log-rotated. ... Impact ... Disk space is consumed on the filesystem for /var/tmp, which can eventually lead to follow-on failures when the disk fills up. ... Conditions ... -- AFM is provisioned. -- DoS queries executed via tmsh. -- Access to DoS dashboard.
