For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

fpieressa's avatar
fpieressa
Icon for Altostratus rankAltostratus
Jan 02, 2020

MFC vulnerability CVE-2019-6681

Hi team, related with the Security advisory https://support.f5.com/csp/article/K93417064, where can we check if Multicast Forwarding Cache (MFC) is configured? We are seeing it's licensed, but as I ...
BIG-IP
security
Nathan_F__F5_'s avatar
Nathan_F__F5_
Icon for Employee rankEmployee
Jan 03, 2020

Hi fpieressa,

 

I was able to reach out to our security team and the product development team about this and I have an answer for you.

 

There were some question regarding CVE-2019-6681 / https://support.f5.com/csp/article/K93417064 / K93417064: MFC vulnerability CVE-2019-6681

 

The Routing Bundle and Multicast Routing License should be available in the BIGIP to be able to configure Multicast Routing Protocol such as PIM (Protocol Independent Multicasting) which relates to MFC (Multicast Forwarding Cache). So as long as you don't have a PIM configuration on the BIGIP, we can safely say that you are not vulnerable to CVE-2019-6681.

 

A Multicast Routing configuration example can be found in the following article. Please see the "verifying floating multicast configurations" section. If you run that first command and there is no PIM configuration displayed then you are not vulnerable to the CVE.

 

K36480041: Support for fast failover of PIM-SM multicast traffic in BIG-IP LTM HA systems

https://support.f5.com/csp/article/K36480041

 

Please give that a try and let me know if you have any questions.

 

-Nathan F