Forum Discussion
AltostratusMFC vulnerability CVE-2019-6681
Hi team, related with the Security advisory https://support.f5.com/csp/article/K93417064, where can we check if Multicast Forwarding Cache (MFC) is configured? We are seeing it's licensed, but as I know we haven't explicity configured it.. where can we check it?
Thanks!
Nathan_F__F5_Employee
Hi fpieressa,
I was able to reach out to our security team and the product development team about this and I have an answer for you.
There were some question regarding CVE-2019-6681 / https://support.f5.com/csp/article/K93417064 / K93417064: MFC vulnerability CVE-2019-6681
The Routing Bundle and Multicast Routing License should be available in the BIGIP to be able to configure Multicast Routing Protocol such as PIM (Protocol Independent Multicasting) which relates to MFC (Multicast Forwarding Cache). So as long as you don't have a PIM configuration on the BIGIP, we can safely say that you are not vulnerable to CVE-2019-6681.
A Multicast Routing configuration example can be found in the following article. Please see the "verifying floating multicast configurations" section. If you run that first command and there is no PIM configuration displayed then you are not vulnerable to the CVE.
K36480041: Support for fast failover of PIM-SM multicast traffic in BIG-IP LTM HA systems
https://support.f5.com/csp/article/K36480041
Please give that a try and let me know if you have any questions.
-Nathan F