Vulnerabilites related to f5 - big-ip_dns
cve-2017-6140
Vulnerability from cvelistv5
Published
2017-12-21 17:00
Modified
2024-09-17 04:04
Severity ?
EPSS score ?
Summary
On the BIG-IP 2000s, 2200s, 4000s, 4200v, i5600, i5800, i7600, i7800, i10600,i10800, and VIPRION 4450 blades, running version 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1 or 12.1.2 of BIG-IP LTM, AAM, AFM, Analytics, ASM, DNS, GTM or PEM, an undisclosed sequence of packets sent to Virtual Servers with client or server SSL profiles may cause disruption of data plane services.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1040042 | vdb-entry, x_refsource_SECTRACK | |
| https://support.f5.com/csp/article/K55102452 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 Networks, Inc. | BIG-IP LTM, AAM, AFM, Analytics, ASM, DNS, GTM, PEM |
Version: 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4 Version: 11.6.0, 11.6.1 Version: 12.0.0, 12.1.0, 12.1.1, 12.1.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:18:49.914Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1040042", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040042", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K55102452", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP LTM, AAM, AFM, Analytics, ASM, DNS, GTM, PEM", vendor: "F5 Networks, Inc.", versions: [ { status: "affected", version: "11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4", }, { status: "affected", version: "11.6.0, 11.6.1", }, { status: "affected", version: "12.0.0, 12.1.0, 12.1.1, 12.1.2", }, ], }, ], datePublic: "2017-12-20T00:00:00", descriptions: [ { lang: "en", value: "On the BIG-IP 2000s, 2200s, 4000s, 4200v, i5600, i5800, i7600, i7800, i10600,i10800, and VIPRION 4450 blades, running version 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1 or 12.1.2 of BIG-IP LTM, AAM, AFM, Analytics, ASM, DNS, GTM or PEM, an undisclosed sequence of packets sent to Virtual Servers with client or server SSL profiles may cause disruption of data plane services.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-22T10:57:01", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { name: "1040042", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040042", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K55102452", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", DATE_PUBLIC: "2017-12-20T00:00:00", ID: "CVE-2017-6140", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP LTM, AAM, AFM, Analytics, ASM, DNS, GTM, PEM", version: { version_data: [ { version_value: "11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4", }, { version_value: "11.6.0, 11.6.1", }, { version_value: "12.0.0, 12.1.0, 12.1.1, 12.1.2", }, ], }, }, ], }, vendor_name: "F5 Networks, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "On the BIG-IP 2000s, 2200s, 4000s, 4200v, i5600, i5800, i7600, i7800, i10600,i10800, and VIPRION 4450 blades, running version 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1 or 12.1.2 of BIG-IP LTM, AAM, AFM, Analytics, ASM, DNS, GTM or PEM, an undisclosed sequence of packets sent to Virtual Servers with client or server SSL profiles may cause disruption of data plane services.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "1040042", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040042", }, { name: "https://support.f5.com/csp/article/K55102452", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K55102452", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2017-6140", datePublished: "2017-12-21T17:00:00Z", dateReserved: "2017-02-21T00:00:00", dateUpdated: "2024-09-17T04:04:09.104Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-6166
Vulnerability from cvelistv5
Published
2017-11-22 16:00
Modified
2024-09-16 19:36
Severity ?
EPSS score ?
Summary
In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel (TMM) may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. If the affected BIG-IP system is configured as part of a device group, it will trigger a failover to the peer device.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/102264 | vdb-entry, x_refsource_BID | |
| https://support.f5.com/csp/article/K65615624 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1039949 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 Networks, Inc. | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe |
Version: 12.0.0, 12.1.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:18:49.799Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "102264", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/102264", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K65615624", }, { name: "1039949", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1039949", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe", vendor: "F5 Networks, Inc.", versions: [ { status: "affected", version: "12.0.0, 12.1.1", }, ], }, ], datePublic: "2017-11-21T00:00:00", descriptions: [ { lang: "en", value: "In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel (TMM) may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. If the affected BIG-IP system is configured as part of a device group, it will trigger a failover to the peer device.", }, ], problemTypes: [ { descriptions: [ { description: "denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-26T10:57:01", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { name: "102264", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/102264", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K65615624", }, { name: "1039949", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1039949", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", DATE_PUBLIC: "2017-11-21T00:00:00", ID: "CVE-2017-6166", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe", version: { version_data: [ { version_value: "12.0.0, 12.1.1", }, ], }, }, ], }, vendor_name: "F5 Networks, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel (TMM) may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. If the affected BIG-IP system is configured as part of a device group, it will trigger a failover to the peer device.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "denial of service", }, ], }, ], }, references: { reference_data: [ { name: "102264", refsource: "BID", url: "http://www.securityfocus.com/bid/102264", }, { name: "https://support.f5.com/csp/article/K65615624", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K65615624", }, { name: "1039949", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1039949", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2017-6166", datePublished: "2017-11-22T16:00:00Z", dateReserved: "2017-02-21T00:00:00", dateUpdated: "2024-09-16T19:36:14.016Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-5500
Vulnerability from cvelistv5
Published
2018-03-01 16:00
Modified
2024-09-16 20:41
Severity ?
EPSS score ?
Summary
On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, every Multipath TCP (MCTCP) connection established leaks a small amount of memory. Virtual server using TCP profile with Multipath TCP (MCTCP) feature enabled will be affected by this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.f5.com/csp/article/K33211839 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/103217 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 Networks, Inc. | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe |
Version: 13.0.0 Version: 12.1.0 - 12.1.3.1 Version: 11.6.1 - 11.6.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T05:40:50.505Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K33211839", }, { name: "103217", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/103217", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe", vendor: "F5 Networks, Inc.", versions: [ { status: "affected", version: "13.0.0", }, { status: "affected", version: "12.1.0 - 12.1.3.1", }, { status: "affected", version: "11.6.1 - 11.6.2", }, ], }, ], datePublic: "2018-02-28T00:00:00", descriptions: [ { lang: "en", value: "On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, every Multipath TCP (MCTCP) connection established leaks a small amount of memory. Virtual server using TCP profile with Multipath TCP (MCTCP) feature enabled will be affected by this issue.", }, ], problemTypes: [ { descriptions: [ { description: "DoS", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-03-06T10:57:01", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K33211839", }, { name: "103217", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/103217", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", DATE_PUBLIC: "2018-02-28T00:00:00", ID: "CVE-2018-5500", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe", version: { version_data: [ { version_value: "13.0.0", }, { version_value: "12.1.0 - 12.1.3.1", }, { version_value: "11.6.1 - 11.6.2", }, ], }, }, ], }, vendor_name: "F5 Networks, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, every Multipath TCP (MCTCP) connection established leaks a small amount of memory. Virtual server using TCP profile with Multipath TCP (MCTCP) feature enabled will be affected by this issue.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "DoS", }, ], }, ], }, references: { reference_data: [ { name: "https://support.f5.com/csp/article/K33211839", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K33211839", }, { name: "103217", refsource: "BID", url: "http://www.securityfocus.com/bid/103217", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2018-5500", datePublished: "2018-03-01T16:00:00Z", dateReserved: "2018-01-12T00:00:00", dateUpdated: "2024-09-16T20:41:38.281Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-6133
Vulnerability from cvelistv5
Published
2017-12-21 17:00
Modified
2024-09-16 19:24
Severity ?
EPSS score ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, undisclosed HTTP requests may cause a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.f5.com/csp/article/K25033460 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/102467 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1040048 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 Networks, Inc. | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, WebSafe |
Version: 13.0.0 Version: 12.1.0 - 12.1.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:18:49.795Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K25033460", }, { name: "102467", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/102467", }, { name: "1040048", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040048", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, WebSafe", vendor: "F5 Networks, Inc.", versions: [ { status: "affected", version: "13.0.0", }, { status: "affected", version: "12.1.0 - 12.1.2", }, ], }, ], datePublic: "2017-12-20T00:00:00", descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, undisclosed HTTP requests may cause a denial of service.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-11T10:57:01", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K25033460", }, { name: "102467", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/102467", }, { name: "1040048", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040048", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", DATE_PUBLIC: "2017-12-20T00:00:00", ID: "CVE-2017-6133", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, WebSafe", version: { version_data: [ { version_value: "13.0.0", }, { version_value: "12.1.0 - 12.1.2", }, ], }, }, ], }, vendor_name: "F5 Networks, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, undisclosed HTTP requests may cause a denial of service.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "https://support.f5.com/csp/article/K25033460", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K25033460", }, { name: "102467", refsource: "BID", url: "http://www.securityfocus.com/bid/102467", }, { name: "1040048", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040048", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2017-6133", datePublished: "2017-12-21T17:00:00Z", dateReserved: "2017-02-21T00:00:00", dateUpdated: "2024-09-16T19:24:56.438Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-6151
Vulnerability from cvelistv5
Published
2017-12-21 17:00
Modified
2024-09-16 18:24
Severity ?
EPSS score ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, undisclosed requests made to BIG-IP virtual servers which make use of the "HTTP/2 profile" may result in a disruption of service to TMM.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1040052 | vdb-entry, x_refsource_SECTRACK | |
| https://support.f5.com/csp/article/K07369970 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 Networks, Inc. | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe |
Version: 13.0.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:18:49.989Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1040052", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040052", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K07369970", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe", vendor: "F5 Networks, Inc.", versions: [ { status: "affected", version: "13.0.0", }, ], }, ], datePublic: "2017-12-20T00:00:00", descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, undisclosed requests made to BIG-IP virtual servers which make use of the \"HTTP/2 profile\" may result in a disruption of service to TMM.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-23T10:57:01", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { name: "1040052", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040052", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K07369970", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", DATE_PUBLIC: "2017-12-20T00:00:00", ID: "CVE-2017-6151", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe", version: { version_data: [ { version_value: "13.0.0", }, ], }, }, ], }, vendor_name: "F5 Networks, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, undisclosed requests made to BIG-IP virtual servers which make use of the \"HTTP/2 profile\" may result in a disruption of service to TMM.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "1040052", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040052", }, { name: "https://support.f5.com/csp/article/K07369970", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K07369970", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2017-6151", datePublished: "2017-12-21T17:00:00Z", dateReserved: "2017-02-21T00:00:00", dateUpdated: "2024-09-16T18:24:04.117Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-6138
Vulnerability from cvelistv5
Published
2017-12-21 17:00
Modified
2024-09-17 02:21
Severity ?
EPSS score ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1040051 | vdb-entry, x_refsource_SECTRACK | |
| https://support.f5.com/csp/article/K34514540 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 Networks, Inc. | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe |
Version: 13.0.0 Version: 12.1.0 - 12.1.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:18:49.834Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1040051", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040051", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K34514540", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe", vendor: "F5 Networks, Inc.", versions: [ { status: "affected", version: "13.0.0", }, { status: "affected", version: "12.1.0 - 12.1.2", }, ], }, ], datePublic: "2017-12-20T00:00:00", descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default \"normalize URI\" configuration options used in iRules and/or BIG-IP LTM policies.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-23T10:57:01", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { name: "1040051", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040051", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K34514540", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", DATE_PUBLIC: "2017-12-20T00:00:00", ID: "CVE-2017-6138", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe", version: { version_data: [ { version_value: "13.0.0", }, { version_value: "12.1.0 - 12.1.2", }, ], }, }, ], }, vendor_name: "F5 Networks, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default \"normalize URI\" configuration options used in iRules and/or BIG-IP LTM policies.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "1040051", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040051", }, { name: "https://support.f5.com/csp/article/K34514540", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K34514540", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2017-6138", datePublished: "2017-12-21T17:00:00Z", dateReserved: "2017-02-21T00:00:00", dateUpdated: "2024-09-17T02:21:41.401Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-6132
Vulnerability from cvelistv5
Published
2017-12-21 17:00
Modified
2024-09-16 19:05
Severity ?
EPSS score ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 and 11.5.0 - 11.5.4, an undisclosed sequence of packets sent to BIG-IP High Availability state mirror listeners (primary and/or secondary IP) may cause TMM to restart.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/102333 | vdb-entry, x_refsource_BID | |
| https://support.f5.com/csp/article/K12044607 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1040049 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 Networks, Inc. | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe |
Version: 13.0.0 Version: 12.0.0 - 12.1.2 Version: 11.6.0 - 11.6.1 Version: 11.5.0 - 11.5.4 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:18:49.877Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "102333", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/102333", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K12044607", }, { name: "1040049", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040049", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe", vendor: "F5 Networks, Inc.", versions: [ { status: "affected", version: "13.0.0", }, { status: "affected", version: "12.0.0 - 12.1.2", }, { status: "affected", version: "11.6.0 - 11.6.1", }, { status: "affected", version: "11.5.0 - 11.5.4", }, ], }, ], datePublic: "2017-12-20T00:00:00", descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 and 11.5.0 - 11.5.4, an undisclosed sequence of packets sent to BIG-IP High Availability state mirror listeners (primary and/or secondary IP) may cause TMM to restart.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-03T10:57:01", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { name: "102333", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/102333", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K12044607", }, { name: "1040049", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040049", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", DATE_PUBLIC: "2017-12-20T00:00:00", ID: "CVE-2017-6132", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe", version: { version_data: [ { version_value: "13.0.0", }, { version_value: "12.0.0 - 12.1.2", }, { version_value: "11.6.0 - 11.6.1", }, { version_value: "11.5.0 - 11.5.4", }, ], }, }, ], }, vendor_name: "F5 Networks, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 and 11.5.0 - 11.5.4, an undisclosed sequence of packets sent to BIG-IP High Availability state mirror listeners (primary and/or secondary IP) may cause TMM to restart.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "102333", refsource: "BID", url: "http://www.securityfocus.com/bid/102333", }, { name: "https://support.f5.com/csp/article/K12044607", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K12044607", }, { name: "1040049", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040049", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2017-6132", datePublished: "2017-12-21T17:00:00Z", dateReserved: "2017-02-21T00:00:00", dateUpdated: "2024-09-16T19:05:17.011Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-6150
Vulnerability from cvelistv5
Published
2018-03-01 16:00
Modified
2024-09-17 00:06
Severity ?
EPSS score ?
Summary
Under certain conditions for F5 BIG-IP systems 13.0.0 or 12.1.0 - 12.1.3.1, using FastL4 profiles, when the Reassemble IP Fragments option is disabled (default), some specific large fragmented packets may restart the Traffic Management Microkernel (TMM).
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/103235 | vdb-entry, x_refsource_BID | |
| https://support.f5.com/csp/article/K62712037 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 Networks, Inc. | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, WebSafe |
Version: 13.0.0 Version: 12.1.0 - 12.1.3.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:18:49.775Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "103235", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/103235", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K62712037", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, WebSafe", vendor: "F5 Networks, Inc.", versions: [ { status: "affected", version: "13.0.0", }, { status: "affected", version: "12.1.0 - 12.1.3.1", }, ], }, ], datePublic: "2018-02-28T00:00:00", descriptions: [ { lang: "en", value: "Under certain conditions for F5 BIG-IP systems 13.0.0 or 12.1.0 - 12.1.3.1, using FastL4 profiles, when the Reassemble IP Fragments option is disabled (default), some specific large fragmented packets may restart the Traffic Management Microkernel (TMM).", }, ], problemTypes: [ { descriptions: [ { description: "DoS", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-03-07T10:57:01", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { name: "103235", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/103235", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K62712037", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", DATE_PUBLIC: "2018-02-28T00:00:00", ID: "CVE-2017-6150", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, WebSafe", version: { version_data: [ { version_value: "13.0.0", }, { version_value: "12.1.0 - 12.1.3.1", }, ], }, }, ], }, vendor_name: "F5 Networks, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Under certain conditions for F5 BIG-IP systems 13.0.0 or 12.1.0 - 12.1.3.1, using FastL4 profiles, when the Reassemble IP Fragments option is disabled (default), some specific large fragmented packets may restart the Traffic Management Microkernel (TMM).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "DoS", }, ], }, ], }, references: { reference_data: [ { name: "103235", refsource: "BID", url: "http://www.securityfocus.com/bid/103235", }, { name: "https://support.f5.com/csp/article/K62712037", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K62712037", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2017-6150", datePublished: "2018-03-01T16:00:00Z", dateReserved: "2017-02-21T00:00:00", dateUpdated: "2024-09-17T00:06:49.713Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-6135
Vulnerability from cvelistv5
Published
2017-12-21 17:00
Modified
2024-09-16 18:08
Severity ?
EPSS score ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, a slow memory leak as a result of undisclosed IPv4 or IPv6 packets sent to BIG-IP management port or self IP addresses may lead to out of memory (OOM) conditions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.f5.com/csp/article/K43322910 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1040050 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 Networks, Inc. | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe |
Version: 13.0.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:18:49.764Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K43322910", }, { name: "1040050", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040050", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe", vendor: "F5 Networks, Inc.", versions: [ { status: "affected", version: "13.0.0", }, ], }, ], datePublic: "2017-12-20T00:00:00", descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, a slow memory leak as a result of undisclosed IPv4 or IPv6 packets sent to BIG-IP management port or self IP addresses may lead to out of memory (OOM) conditions.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-23T10:57:01", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K43322910", }, { name: "1040050", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040050", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", DATE_PUBLIC: "2017-12-20T00:00:00", ID: "CVE-2017-6135", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe", version: { version_data: [ { version_value: "13.0.0", }, ], }, }, ], }, vendor_name: "F5 Networks, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, a slow memory leak as a result of undisclosed IPv4 or IPv6 packets sent to BIG-IP management port or self IP addresses may lead to out of memory (OOM) conditions.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "https://support.f5.com/csp/article/K43322910", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K43322910", }, { name: "1040050", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040050", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2017-6135", datePublished: "2017-12-21T17:00:00Z", dateReserved: "2017-02-21T00:00:00", dateUpdated: "2024-09-16T18:08:05.215Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-5501
Vulnerability from cvelistv5
Published
2018-03-01 16:00
Modified
2024-09-17 02:37
Severity ?
EPSS score ?
Summary
In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, any 11.6.x or 11.5.x release, or 11.2.1, TCP DNS profile allows excessive buffering due to lack of flow control.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.f5.com/csp/article/K44200194 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/103211 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 Networks, Inc. | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe |
Version: 13.0.0 Version: 12.1.0 - 12.1.3.1 Version: 11.6.1 - 11.6.x Version: 11.5.1 - 11.5.x Version: 11.2.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T05:40:50.417Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K44200194", }, { name: "103211", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/103211", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe", vendor: "F5 Networks, Inc.", versions: [ { status: "affected", version: "13.0.0", }, { status: "affected", version: "12.1.0 - 12.1.3.1", }, { status: "affected", version: "11.6.1 - 11.6.x", }, { status: "affected", version: "11.5.1 - 11.5.x", }, { status: "affected", version: "11.2.1", }, ], }, ], datePublic: "2018-02-28T00:00:00", descriptions: [ { lang: "en", value: "In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, any 11.6.x or 11.5.x release, or 11.2.1, TCP DNS profile allows excessive buffering due to lack of flow control.", }, ], problemTypes: [ { descriptions: [ { description: "DoS", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-03-06T10:57:01", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K44200194", }, { name: "103211", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/103211", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", DATE_PUBLIC: "2018-02-28T00:00:00", ID: "CVE-2018-5501", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe", version: { version_data: [ { version_value: "13.0.0", }, { version_value: "12.1.0 - 12.1.3.1", }, { version_value: "11.6.1 - 11.6.x", }, { version_value: "11.5.1 - 11.5.x", }, { version_value: "11.2.1", }, ], }, }, ], }, vendor_name: "F5 Networks, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, any 11.6.x or 11.5.x release, or 11.2.1, TCP DNS profile allows excessive buffering due to lack of flow control.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "DoS", }, ], }, ], }, references: { reference_data: [ { name: "https://support.f5.com/csp/article/K44200194", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K44200194", }, { name: "103211", refsource: "BID", url: "http://www.securityfocus.com/bid/103211", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2018-5501", datePublished: "2018-03-01T16:00:00Z", dateReserved: "2018-01-12T00:00:00", dateUpdated: "2024-09-17T02:37:02.573Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-6134
Vulnerability from cvelistv5
Published
2017-12-21 17:00
Modified
2024-09-16 23:31
Severity ?
EPSS score ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, 12.1.0 - 12.1.2 and 11.5.1 - 11.6.1, an undisclosed sequence of packets, sourced from an adjacent network may cause TMM to crash.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1040045 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/102466 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1040044 | vdb-entry, x_refsource_SECTRACK | |
| https://support.f5.com/csp/article/K37404773 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 Networks, Inc. | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe |
Version: 13.0.0 Version: 12.1.0 - 12.1.2 Version: 11.5.1 - 11.6.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:18:49.900Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1040045", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040045", }, { name: "102466", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/102466", }, { name: "1040044", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040044", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K37404773", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe", vendor: "F5 Networks, Inc.", versions: [ { status: "affected", version: "13.0.0", }, { status: "affected", version: "12.1.0 - 12.1.2", }, { status: "affected", version: "11.5.1 - 11.6.1", }, ], }, ], datePublic: "2017-12-20T00:00:00", descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, 12.1.0 - 12.1.2 and 11.5.1 - 11.6.1, an undisclosed sequence of packets, sourced from an adjacent network may cause TMM to crash.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-01-11T10:57:01", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { name: "1040045", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040045", }, { name: "102466", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/102466", }, { name: "1040044", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040044", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K37404773", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", DATE_PUBLIC: "2017-12-20T00:00:00", ID: "CVE-2017-6134", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe", version: { version_data: [ { version_value: "13.0.0", }, { version_value: "12.1.0 - 12.1.2", }, { version_value: "11.5.1 - 11.6.1", }, ], }, }, ], }, vendor_name: "F5 Networks, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, 12.1.0 - 12.1.2 and 11.5.1 - 11.6.1, an undisclosed sequence of packets, sourced from an adjacent network may cause TMM to crash.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "1040045", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040045", }, { name: "102466", refsource: "BID", url: "http://www.securityfocus.com/bid/102466", }, { name: "1040044", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040044", }, { name: "https://support.f5.com/csp/article/K37404773", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K37404773", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2017-6134", datePublished: "2017-12-21T17:00:00Z", dateReserved: "2017-02-21T00:00:00", dateUpdated: "2024-09-16T23:31:05.900Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-6136
Vulnerability from cvelistv5
Published
2017-12-21 17:00
Modified
2024-09-16 16:28
Severity ?
EPSS score ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.0.0 - 12.1.2, undisclosed traffic patterns sent to BIG-IP virtual servers, with the TCP Fast Open and Tail Loss Probe options enabled in the associated TCP profile, may cause a disruption of service to the Traffic Management Microkernel (TMM).
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1040046 | vdb-entry, x_refsource_SECTRACK | |
| https://support.f5.com/csp/article/K81137982 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 Networks, Inc. | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe |
Version: 13.0.0 Version: 12.0.0 - 12.1.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:18:49.989Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1040046", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040046", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K81137982", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe", vendor: "F5 Networks, Inc.", versions: [ { status: "affected", version: "13.0.0", }, { status: "affected", version: "12.0.0 - 12.1.2", }, ], }, ], datePublic: "2017-12-20T00:00:00", descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.0.0 - 12.1.2, undisclosed traffic patterns sent to BIG-IP virtual servers, with the TCP Fast Open and Tail Loss Probe options enabled in the associated TCP profile, may cause a disruption of service to the Traffic Management Microkernel (TMM).", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-23T10:57:01", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { name: "1040046", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040046", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K81137982", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", DATE_PUBLIC: "2017-12-20T00:00:00", ID: "CVE-2017-6136", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe", version: { version_data: [ { version_value: "13.0.0", }, { version_value: "12.0.0 - 12.1.2", }, ], }, }, ], }, vendor_name: "F5 Networks, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.0.0 - 12.1.2, undisclosed traffic patterns sent to BIG-IP virtual servers, with the TCP Fast Open and Tail Loss Probe options enabled in the associated TCP profile, may cause a disruption of service to the Traffic Management Microkernel (TMM).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "1040046", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040046", }, { name: "https://support.f5.com/csp/article/K81137982", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K81137982", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2017-6136", datePublished: "2017-12-21T17:00:00Z", dateReserved: "2017-02-21T00:00:00", dateUpdated: "2024-09-16T16:28:20.202Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-6164
Vulnerability from cvelistv5
Published
2017-12-21 17:00
Modified
2024-09-17 04:13
Severity ?
EPSS score ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, 12.0.0 - 12.1.2, 11.6.0 - 11.6.1 and 11.5.0 - 11.5.4, in some circumstances, Traffic Management Microkernel (TMM) does not properly handle certain malformed TLS1.2 records, which allows remote attackers to cause a denial-of-service (DoS) or possible remote command execution on the BIG-IP system.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1040054 | vdb-entry, x_refsource_SECTRACK | |
| https://support.f5.com/csp/article/K02714910 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 Networks, Inc. | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe |
Version: 13.0.0 Version: 12.0.0 - 12.1.2 Version: 11.6.0 - 11.6.1 Version: 11.5.0 - 11.5.4 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:18:49.659Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1040054", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040054", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K02714910", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe", vendor: "F5 Networks, Inc.", versions: [ { status: "affected", version: "13.0.0", }, { status: "affected", version: "12.0.0 - 12.1.2", }, { status: "affected", version: "11.6.0 - 11.6.1", }, { status: "affected", version: "11.5.0 - 11.5.4", }, ], }, ], datePublic: "2017-12-20T00:00:00", descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, 12.0.0 - 12.1.2, 11.6.0 - 11.6.1 and 11.5.0 - 11.5.4, in some circumstances, Traffic Management Microkernel (TMM) does not properly handle certain malformed TLS1.2 records, which allows remote attackers to cause a denial-of-service (DoS) or possible remote command execution on the BIG-IP system.", }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service and Remote Code Execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-23T10:57:01", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { name: "1040054", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040054", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K02714910", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", DATE_PUBLIC: "2017-12-20T00:00:00", ID: "CVE-2017-6164", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe", version: { version_data: [ { version_value: "13.0.0", }, { version_value: "12.0.0 - 12.1.2", }, { version_value: "11.6.0 - 11.6.1", }, { version_value: "11.5.0 - 11.5.4", }, ], }, }, ], }, vendor_name: "F5 Networks, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, 12.0.0 - 12.1.2, 11.6.0 - 11.6.1 and 11.5.0 - 11.5.4, in some circumstances, Traffic Management Microkernel (TMM) does not properly handle certain malformed TLS1.2 records, which allows remote attackers to cause a denial-of-service (DoS) or possible remote command execution on the BIG-IP system.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service and Remote Code Execution", }, ], }, ], }, references: { reference_data: [ { name: "1040054", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040054", }, { name: "https://support.f5.com/csp/article/K02714910", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K02714910", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2017-6164", datePublished: "2017-12-21T17:00:00Z", dateReserved: "2017-02-21T00:00:00", dateUpdated: "2024-09-17T04:13:51.645Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-6167
Vulnerability from cvelistv5
Published
2017-12-21 17:00
Modified
2024-09-17 03:58
Severity ?
EPSS score ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, race conditions in iControl REST may lead to commands being executed with different privilege levels than expected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.f5.com/csp/article/K24465120 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1040053 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| F5 Networks, Inc. | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, WebSafe |
Version: 13.0.0 Version: 12.1.0 - 12.1.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:18:49.887Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K24465120", }, { name: "1040053", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040053", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, WebSafe", vendor: "F5 Networks, Inc.", versions: [ { status: "affected", version: "13.0.0", }, { status: "affected", version: "12.1.0 - 12.1.2", }, ], }, ], datePublic: "2017-12-20T00:00:00", descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, race conditions in iControl REST may lead to commands being executed with different privilege levels than expected.", }, ], problemTypes: [ { descriptions: [ { description: "Privilege Escalation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-23T10:57:01", orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", shortName: "f5", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K24465120", }, { name: "1040053", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040053", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "f5sirt@f5.com", DATE_PUBLIC: "2017-12-20T00:00:00", ID: "CVE-2017-6167", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, WebSafe", version: { version_data: [ { version_value: "13.0.0", }, { version_value: "12.1.0 - 12.1.2", }, ], }, }, ], }, vendor_name: "F5 Networks, Inc.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, race conditions in iControl REST may lead to commands being executed with different privilege levels than expected.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Privilege Escalation", }, ], }, ], }, references: { reference_data: [ { name: "https://support.f5.com/csp/article/K24465120", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K24465120", }, { name: "1040053", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040053", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", assignerShortName: "f5", cveId: "CVE-2017-6167", datePublished: "2017-12-21T17:00:00Z", dateReserved: "2017-02-21T00:00:00", dateUpdated: "2024-09-17T03:58:35.655Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2017-12-21 17:29
Modified
2024-11-21 03:29
Severity ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, race conditions in iControl REST may lead to commands being executed with different privilege levels than expected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securitytracker.com/id/1040053 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K24465120 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040053 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K24465120 | Issue Tracking, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f5 | big-ip_local_traffic_manager | * | |
| f5 | big-ip_local_traffic_manager | 13.0.0 | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_acceleration_manager | 13.0.0 | |
| f5 | big-ip_advanced_firewall_manager | * | |
| f5 | big-ip_advanced_firewall_manager | 13.0.0 | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_analytics | 13.0.0 | |
| f5 | big-ip_access_policy_manager | * | |
| f5 | big-ip_access_policy_manager | 13.0.0 | |
| f5 | big-ip_application_security_manager | * | |
| f5 | big-ip_application_security_manager | 13.0.0 | |
| f5 | big-ip_dns | * | |
| f5 | big-ip_dns | 13.0.0 | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_link_controller | 13.0.0 | |
| f5 | big-ip_policy_enforcement_manager | * | |
| f5 | big-ip_policy_enforcement_manager | 13.0.0 | |
| f5 | big-ip_websafe | * | |
| f5 | big-ip_websafe | 13.0.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "48AEF668-8ABE-4A09-B45B-AB30B7A6464B", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BA7D64DC-7271-4617-BD46-99C8246779CA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6CAB3D2D-F589-41AB-A68A-8AFA8760E394", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F3C3362F-1251-4E7B-B8CB-BBE7344A915E", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8C4E5F36-434B-48E1-9715-4EEC22FB23D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "A7E33F47-378B-4077-AA3E-6EBED04D3609", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "34D75E7F-B65F-421D-92EE-6B20756019C2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E6A76187-6118-4A9D-9F7C-0C9D3931BF42", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BCF89E7C-806E-4800-BAA9-0225433B6C56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "FE82B01E-278D-40DB-9CD5-D69F863A97CD", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7569977A-E567-4115-B00C-4B0CBA86582E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*", matchCriteriaId: "D90D84D6-E4EF-4686-A7D9-52FF577251D8", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "93674162-3A63-4F05-B68F-B7D54B0AAE98", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "B8AE206C-8F30-4C1A-9823-BAF2052EF065", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E2C4414E-8016-48B5-8CC3-F97FF2D85922", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "91F8E790-6C3C-476D-B403-4F13CEF0BA7A", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "42821916-E601-4831-B37B-3202ACF2C562", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "48B5CC4A-32F1-474A-A89B-A6C7E56513D7", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B2E56D76-1A89-46AB-9C17-CB24662FFDE7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, race conditions in iControl REST may lead to commands being executed with different privilege levels than expected.", }, { lang: "es", value: "En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM y WebSafe, en versiones 13.0.0 y de la 12.1.0 a la 12.1.2, las condiciones de carrera en iControl REST pueden conducir a la ejecución de comandos con niveles de privilegios diferentes a los esperados.", }, ], id: "CVE-2017-6167", lastModified: "2024-11-21T03:29:11.137", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 8.5, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-12-21T17:29:00.717", references: [ { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040053", }, { source: "f5sirt@f5.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K24465120", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040053", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K24465120", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-362", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-12-21 17:29
Modified
2024-11-21 03:29
Severity ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.0.0 - 12.1.2, undisclosed traffic patterns sent to BIG-IP virtual servers, with the TCP Fast Open and Tail Loss Probe options enabled in the associated TCP profile, may cause a disruption of service to the Traffic Management Microkernel (TMM).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securitytracker.com/id/1040046 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K81137982 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040046 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K81137982 | Issue Tracking, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f5 | big-ip_local_traffic_manager | * | |
| f5 | big-ip_local_traffic_manager | 13.0.0 | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_acceleration_manager | 13.0.0 | |
| f5 | big-ip_advanced_firewall_manager | * | |
| f5 | big-ip_advanced_firewall_manager | 13.0.0 | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_analytics | 13.0.0 | |
| f5 | big-ip_access_policy_manager | * | |
| f5 | big-ip_access_policy_manager | 13.0.0 | |
| f5 | big-ip_application_security_manager | * | |
| f5 | big-ip_application_security_manager | 13.0.0 | |
| f5 | big-ip_dns | * | |
| f5 | big-ip_dns | 13.0.0 | |
| f5 | big-ip_global_traffic_manager | * | |
| f5 | big-ip_global_traffic_manager | 13.0.0 | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_link_controller | 13.0.0 | |
| f5 | big-ip_policy_enforcement_manager | * | |
| f5 | big-ip_policy_enforcement_manager | 13.0.0 | |
| f5 | big-ip_websafe | * | |
| f5 | big-ip_websafe | 13.0.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "48AEF668-8ABE-4A09-B45B-AB30B7A6464B", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BA7D64DC-7271-4617-BD46-99C8246779CA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6CAB3D2D-F589-41AB-A68A-8AFA8760E394", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F3C3362F-1251-4E7B-B8CB-BBE7344A915E", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8C4E5F36-434B-48E1-9715-4EEC22FB23D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "A7E33F47-378B-4077-AA3E-6EBED04D3609", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "34D75E7F-B65F-421D-92EE-6B20756019C2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E6A76187-6118-4A9D-9F7C-0C9D3931BF42", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BCF89E7C-806E-4800-BAA9-0225433B6C56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "FE82B01E-278D-40DB-9CD5-D69F863A97CD", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7569977A-E567-4115-B00C-4B0CBA86582E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*", matchCriteriaId: "D90D84D6-E4EF-4686-A7D9-52FF577251D8", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "93674162-3A63-4F05-B68F-B7D54B0AAE98", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "528457E0-A8CA-454B-AC01-C55630E2FA49", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3914B25C-4E86-4C00-A199-4C9A99BA2EC4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "B8AE206C-8F30-4C1A-9823-BAF2052EF065", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E2C4414E-8016-48B5-8CC3-F97FF2D85922", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "91F8E790-6C3C-476D-B403-4F13CEF0BA7A", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "42821916-E601-4831-B37B-3202ACF2C562", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "48B5CC4A-32F1-474A-A89B-A6C7E56513D7", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B2E56D76-1A89-46AB-9C17-CB24662FFDE7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.0.0 - 12.1.2, undisclosed traffic patterns sent to BIG-IP virtual servers, with the TCP Fast Open and Tail Loss Probe options enabled in the associated TCP profile, may cause a disruption of service to the Traffic Management Microkernel (TMM).", }, { lang: "es", value: "En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM y WebSafe, en versiones 13.0.0 y de la 12.0.0 a la 12.1.2, los patrones de tráfico no revelados que se envían a los servidores virtuales de BIG-IP con las opciones TCP Fast Open y Tail Loss Probe activadas en el perfil TCP asociado, pueden interrumpir el servicio al TMM (Traffic Management Microkernel).", }, ], id: "CVE-2017-6136", lastModified: "2024-11-21T03:29:07.223", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-12-21T17:29:00.480", references: [ { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040046", }, { source: "f5sirt@f5.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K81137982", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040046", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K81137982", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-12-21 17:29
Modified
2024-11-21 03:29
Severity ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, undisclosed requests made to BIG-IP virtual servers which make use of the "HTTP/2 profile" may result in a disruption of service to TMM.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securitytracker.com/id/1040052 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K07369970 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040052 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K07369970 | Issue Tracking, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f5 | big-ip_local_traffic_manager | 13.0.0 | |
| f5 | big-ip_application_acceleration_manager | 13.0.0 | |
| f5 | big-ip_advanced_firewall_manager | 13.0.0 | |
| f5 | big-ip_analytics | 13.0.0 | |
| f5 | big-ip_access_policy_manager | 13.0.0 | |
| f5 | big-ip_application_security_manager | 13.0.0 | |
| f5 | big-ip_dns | 13.0.0 | |
| f5 | big-ip_global_traffic_manager | 13.0.0 | |
| f5 | big-ip_link_controller | 13.0.0 | |
| f5 | big-ip_policy_enforcement_manager | 13.0.0 | |
| f5 | big-ip_websafe | 13.0.0 | |
| f5 | big-ip_edge_gateway | 13.0.0 | |
| f5 | big-ip_webaccelerator | 13.0.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BA7D64DC-7271-4617-BD46-99C8246779CA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8C4E5F36-434B-48E1-9715-4EEC22FB23D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "34D75E7F-B65F-421D-92EE-6B20756019C2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BCF89E7C-806E-4800-BAA9-0225433B6C56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7569977A-E567-4115-B00C-4B0CBA86582E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_dns:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "93674162-3A63-4F05-B68F-B7D54B0AAE98", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3914B25C-4E86-4C00-A199-4C9A99BA2EC4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E2C4414E-8016-48B5-8CC3-F97FF2D85922", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "42821916-E601-4831-B37B-3202ACF2C562", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B2E56D76-1A89-46AB-9C17-CB24662FFDE7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "4D3374BE-6A37-48B5-83D4-D61558A8433E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7E703FAB-BFCD-47A1-94BD-DD63879DE883", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, undisclosed requests made to BIG-IP virtual servers which make use of the \"HTTP/2 profile\" may result in a disruption of service to TMM.", }, { lang: "es", value: "En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator y WebSafe, en su versión 13.0.0, las solicitudes no reveladas enviadas a los servidores virtuales BIG-IP que utilizan el perfil HTTP/2 pueden provocar una interrupción del servicio en el TMM.", }, ], id: "CVE-2017-6151", lastModified: "2024-11-21T03:29:08.993", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-12-21T17:29:00.637", references: [ { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040052", }, { source: "f5sirt@f5.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K07369970", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040052", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K07369970", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-12-21 17:29
Modified
2024-11-21 03:29
Severity ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 and 11.5.0 - 11.5.4, an undisclosed sequence of packets sent to BIG-IP High Availability state mirror listeners (primary and/or secondary IP) may cause TMM to restart.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securityfocus.com/bid/102333 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | http://www.securitytracker.com/id/1040049 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K12044607 | Issue Tracking, Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102333 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040049 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K12044607 | Issue Tracking, Mitigation, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2A113DC2-B084-48C2-8ECF-F0281AC34246", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C1F5FF67-5D17-4760-AFDC-4234EC1E6306", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "12F86EB5-D581-4103-A802-44D968BA8D55", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "06224D59-35F8-4168-80C5-CF5B17E99050", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BA7D64DC-7271-4617-BD46-99C8246779CA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2AC4ECCE-9343-4462-872C-FA4860998B69", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "39E45CF5-C9E4-4AB9-A6D5-66F8336DDB79", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "A4489382-0668-4CFB-BA89-D54762937CEE", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "9850D0AA-B173-47B2-9B69-75E6D1FAF490", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "40994EB4-4D31-4697-964D-1F0B09864DF2", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "55D59D80-4DC5-4A84-BF42-A5AC2D39CC7A", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "93212B86-21EA-4340-9149-E58F65285C15", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "3755740D-F1DC-4910-ADDD-9D491515201C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "EA244A7D-F65D-4114-81C8-CE811959EA10", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "5EA9F72C-8344-4370-B511-31BEC8BA63E8", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "96CF015E-C74B-4215-9103-8087BC1D12AB", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "CFE4DB00-433D-414A-A1CE-E507B9BB809B", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8C4E5F36-434B-48E1-9715-4EEC22FB23D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "857B3A62-F808-4CA9-BFAD-C133D94CF531", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "25944BCA-3EEB-4396-AC8F-EF58834BC47E", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "A7D226F1-6513-4233-BE20-58D7AB24978F", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "B33B2082-E040-4799-A260-BA687ED8614E", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "A85766A4-2181-4719-ADCF-4FEA0031DB80", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "D2E93EE3-DB73-468E-87CA-4D277F283648", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "ADB01A61-1924-417F-8A75-9FDF8F14F754", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "34D75E7F-B65F-421D-92EE-6B20756019C2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "DDE31583-1329-468C-87C9-BBB8FB5132B9", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0ACC0695-E62E-4748-AA8A-46772EB8C83C", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "1C0312FC-8178-46DE-B4EE-00F2895073BA", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "C9E574F6-34B6-45A6-911D-E5347DA22F69", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "BCF94129-8779-4D68-8DD4-B828CA633746", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "BA2E88AA-0523-48D0-8664-6AFDBCB6C940", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BCF89E7C-806E-4800-BAA9-0225433B6C56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C8FF324E-8533-403A-BEA9-617A28033CC8", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "7CB146EF-CCAB-4194-9735-F8909E283308", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "1AD2C1D2-103E-4B0F-84AA-999F01E695F0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "855E91A4-0A0C-4E5C-8019-FB513A793803", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "FCCC2092-E109-4FF6-9B85-6C9434269851", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "8923BB93-96C1-417B-9172-4A81E731EBA2", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "274E34BF-82A5-4D9E-BC72-202193A47A5A", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7569977A-E567-4115-B00C-4B0CBA86582E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*", matchCriteriaId: "E097889C-175C-40A6-9DCF-2C03981D9349", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*", matchCriteriaId: "24B9912B-31F0-4265-8D61-0E6D46DA33DB", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "E142B175-0E9D-4051-A6B1-FF9E7583DFBA", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "9B131043-3C02-47CE-8D1C-BB29A20113E5", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "DCE4ACE8-1309-4631-9E34-A6032009B702", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "A70560C5-AEB5-4144-A0AA-10A63527B5C1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "8F2CE884-45CD-4EB8-8568-B3AEAB017361", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "93674162-3A63-4F05-B68F-B7D54B0AAE98", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "80E2E5FE-217F-4267-AEB9-719E376D2FB0", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5EF737FD-7706-4536-912A-C22E0B2FE3C4", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "0594DBC5-8470-416C-A5EA-E04F5AB2C799", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "BD3A3BA6-6F60-45CA-8F52-687B671B077A", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "202B6870-718C-4F8D-9BAB-7ED6385BF2A7", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "EC6A3691-ADC4-44BC-8A11-D855B13EF128", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3914B25C-4E86-4C00-A199-4C9A99BA2EC4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "48D3CF2B-1D30-461B-836D-A16EAA15F5BC", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "C4A5CD9B-D257-4EC9-8C57-D9552C2FFFFC", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "AB017D7A-3290-4EF5-9647-B488771A5F32", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4F316C54-FAE4-48D8-9E40-ED358C30BF24", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E2C4414E-8016-48B5-8CC3-F97FF2D85922", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "A5AB7A86-4C18-4FCA-90A0-BA9116FF31C3", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "BDE77CCE-7F97-48EA-A9D3-090B1481616F", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "4D379372-A226-4230-B1F3-04C696518BD8", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "22FAC35D-2803-49B0-9382-F14594B88FC5", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "3C72257B-FF99-4707-A0E3-316D538B1CF6", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "42821916-E601-4831-B37B-3202ACF2C562", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "8552AED4-DC7B-4DA1-AD49-9AD856A69DC1", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "57010E5E-5940-4DDA-AD56-D646D54084AA", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "B45F50EB-D059-4251-AF03-DEC2F306C74C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "50A13328-66C1-4D9D-8E46-754401D5F457", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "E94FCC0F-5505-4123-B3FA-ACB90DDE276E", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "22A30CF4-7D0D-46A6-A2F4-8DC0C1AA4480", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "38245250-AE45-456F-9C40-A073AED930C6", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B2E56D76-1A89-46AB-9C17-CB24662FFDE7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 and 11.5.0 - 11.5.4, an undisclosed sequence of packets sent to BIG-IP High Availability state mirror listeners (primary and/or secondary IP) may cause TMM to restart.", }, { lang: "es", value: "En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM y Websafe, en versiones de software 13.0.0, de la 12.0.0 a la 12.1.2, de la 11.6.0 a la 11.6.1 y de la 11.5.0 a la 11.5.4, una secuencia no revelada de paquetes enviada a los mirror listeners de estado de BIG-IP High Availability (IP primaria y/o secundaria) podría hacer que se reinicie TMM.", }, ], id: "CVE-2017-6132", lastModified: "2024-11-21T03:29:06.633", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-12-21T17:29:00.323", references: [ { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/102333", }, { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040049", }, { source: "f5sirt@f5.com", tags: [ "Issue Tracking", "Mitigation", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K12044607", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/102333", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040049", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Mitigation", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K12044607", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-12-21 17:29
Modified
2024-11-21 03:29
Severity ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securitytracker.com/id/1040051 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K34514540 | Issue Tracking, Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040051 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K34514540 | Issue Tracking, Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f5 | big-ip_local_traffic_manager | * | |
| f5 | big-ip_local_traffic_manager | 13.0.0 | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_acceleration_manager | 13.0.0 | |
| f5 | big-ip_advanced_firewall_manager | * | |
| f5 | big-ip_advanced_firewall_manager | 13.0.0 | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_analytics | 13.0.0 | |
| f5 | big-ip_access_policy_manager | * | |
| f5 | big-ip_access_policy_manager | 13.0.0 | |
| f5 | big-ip_application_security_manager | * | |
| f5 | big-ip_application_security_manager | 13.0.0 | |
| f5 | big-ip_dns | * | |
| f5 | big-ip_dns | 13.0.0 | |
| f5 | big-ip_global_traffic_manager | * | |
| f5 | big-ip_global_traffic_manager | 13.0.0 | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_link_controller | 13.0.0 | |
| f5 | big-ip_policy_enforcement_manager | * | |
| f5 | big-ip_policy_enforcement_manager | 13.0.0 | |
| f5 | big-ip_websafe | * | |
| f5 | big-ip_websafe | 13.0.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "48AEF668-8ABE-4A09-B45B-AB30B7A6464B", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BA7D64DC-7271-4617-BD46-99C8246779CA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6CAB3D2D-F589-41AB-A68A-8AFA8760E394", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F3C3362F-1251-4E7B-B8CB-BBE7344A915E", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8C4E5F36-434B-48E1-9715-4EEC22FB23D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "A7E33F47-378B-4077-AA3E-6EBED04D3609", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "34D75E7F-B65F-421D-92EE-6B20756019C2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E6A76187-6118-4A9D-9F7C-0C9D3931BF42", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BCF89E7C-806E-4800-BAA9-0225433B6C56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "FE82B01E-278D-40DB-9CD5-D69F863A97CD", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7569977A-E567-4115-B00C-4B0CBA86582E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*", matchCriteriaId: "D90D84D6-E4EF-4686-A7D9-52FF577251D8", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "93674162-3A63-4F05-B68F-B7D54B0AAE98", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "528457E0-A8CA-454B-AC01-C55630E2FA49", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3914B25C-4E86-4C00-A199-4C9A99BA2EC4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "B8AE206C-8F30-4C1A-9823-BAF2052EF065", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E2C4414E-8016-48B5-8CC3-F97FF2D85922", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "91F8E790-6C3C-476D-B403-4F13CEF0BA7A", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "42821916-E601-4831-B37B-3202ACF2C562", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "48B5CC4A-32F1-474A-A89B-A6C7E56513D7", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B2E56D76-1A89-46AB-9C17-CB24662FFDE7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default \"normalize URI\" configuration options used in iRules and/or BIG-IP LTM policies.", }, { lang: "es", value: "En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM y WebSafe, en versiones de software 13.0.0 y de la 12.1.0 a la 12.1.2, las peticiones maliciosas enviadas al servidor virtual con un perfil HTTP puede provocar que el TMM se reinicie. El problema está presente en perfiles BIG-IP APM, independientemente de su configuración. Este problema también está presente en las opciones de configuración \"normalize URI\" utilizadas en las políticas BIG-IP LTM y/o iRules.", }, ], id: "CVE-2017-6138", lastModified: "2024-11-21T03:29:07.513", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-12-21T17:29:00.527", references: [ { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040051", }, { source: "f5sirt@f5.com", tags: [ "Issue Tracking", "Mitigation", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K34514540", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040051", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Mitigation", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K34514540", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-03-01 16:29
Modified
2024-11-21 04:08
Severity ?
Summary
On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, every Multipath TCP (MCTCP) connection established leaks a small amount of memory. Virtual server using TCP profile with Multipath TCP (MCTCP) feature enabled will be affected by this issue.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securityfocus.com/bid/103217 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K33211839 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/103217 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K33211839 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "597AB2D4-B0E0-4437-9298-C9FC2E34247E", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2A3E8BFC-B1CF-4685-BC18-D991DAFE5D03", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BA7D64DC-7271-4617-BD46-99C8246779CA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9ECBB647-0E28-4A45-8E49-A02C4974B6A9", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B74CDA31-23E8-4AB9-9D52-3107185379CF", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2C838ECE-BCC6-4D71-A36B-CF053A95BD5C", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "34C598BD-EA65-411F-8D2E-BB0C10700B7E", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8C4E5F36-434B-48E1-9715-4EEC22FB23D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F37A2F-1205-4726-8C84-49E555FB3524", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "367A6C6C-8FEC-4040-B199-B5E76B7DB81E", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "34D75E7F-B65F-421D-92EE-6B20756019C2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2DEB3F5D-E82B-4B0F-9EF2-0CC7CCCE3E2F", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4B2C21C8-E666-4240-80B1-C0184A601524", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BCF89E7C-806E-4800-BAA9-0225433B6C56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0BE301F2-BF84-4B0D-BD32-F58899A93106", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F65C12F1-E3E5-4473-A48D-47941A159ED5", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7569977A-E567-4115-B00C-4B0CBA86582E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*", matchCriteriaId: "84E884F6-4799-4CCE-9ECC-368FD5C1F5C7", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*", matchCriteriaId: "D6CAD89E-DE40-4EC8-B7D4-B0BF809D906F", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "93674162-3A63-4F05-B68F-B7D54B0AAE98", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "9984B71A-89EA-4E5E-8E4D-1EA3D06F003F", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "8E6B9E75-3DC4-479A-8031-7CA01A682116", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E2C4414E-8016-48B5-8CC3-F97FF2D85922", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2BC5F967-BD7E-4B43-BB24-07B66A7006D9", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "A2487AD7-F334-4BDF-A7E5-2217608A0016", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "42821916-E601-4831-B37B-3202ACF2C562", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "C2F2D318-6CE1-471C-AF57-8D790000962C", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "76C8BE66-5528-468B-8C07-804E34D9B66A", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B2E56D76-1A89-46AB-9C17-CB24662FFDE7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "730BC966-10B2-4A2E-BF12-EC4DE70DE968", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "D0B11AC1-E658-47F4-93E0-495190398A5C", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "4D3374BE-6A37-48B5-83D4-D61558A8433E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B848B902-CF3B-4534-823C-4343EAE98A2A", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "75CF4931-4586-4843-B9DB-D6C2E37C6571", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3914B25C-4E86-4C00-A199-4C9A99BA2EC4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "725BAE35-A9A3-4AEF-BAC1-18D445D241D5", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "69ED882C-C20B-42D4-9F30-693BD3059307", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7E703FAB-BFCD-47A1-94BD-DD63879DE883", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, every Multipath TCP (MCTCP) connection established leaks a small amount of memory. Virtual server using TCP profile with Multipath TCP (MCTCP) feature enabled will be affected by this issue.", }, { lang: "es", value: "En sistemas F5 BIG-IP que ejecutan las versiones 13.0.0, 12.1.0 - 12.1.3.1 o 11.6.1 - 11.6.2, cada conexión Multipath TCP (MCTCP) que se establece filtra una pequeña cantidad de memoria. Los servidores virtuales que emplean el perfil TCP con la característica Multipath TCP (MCTCP) habilitada se verán afectados por este problema.", }, ], id: "CVE-2018-5500", lastModified: "2024-11-21T04:08:55.560", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-03-01T16:29:00.337", references: [ { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103217", }, { source: "f5sirt@f5.com", tags: [ "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K33211839", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103217", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K33211839", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-11-22 16:29
Modified
2024-11-21 03:29
Severity ?
Summary
In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel (TMM) may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. If the affected BIG-IP system is configured as part of a device group, it will trigger a failover to the peer device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securityfocus.com/bid/102264 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | http://www.securitytracker.com/id/1039949 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K65615624 | Issue Tracking, Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102264 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039949 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K65615624 | Issue Tracking, Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f5 | big-ip_afm | * | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_apm | * | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_asm | * | |
| f5 | big-ip_dns | * | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_ltm | * | |
| f5 | big-ip_pem | * | |
| f5 | f5_websafe | * | |
| f5 | linerate | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_afm:*:*:*:*:*:*:*:*", matchCriteriaId: "55477759-BD0D-45A9-812B-E3E227DCD31A", versionEndIncluding: "12.1.1", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "9A9F024E-74B6-4D90-AD0E-869BD0AF8BAD", versionEndIncluding: "12.1.1", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_apm:*:*:*:*:*:*:*:*", matchCriteriaId: "A84C593D-7A8C-49F4-A490-4D330D8BCBD8", versionEndIncluding: "12.1.1", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "10DAFC58-80B6-4BB6-9B74-8D4B122F5797", versionEndIncluding: "12.1.1", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_asm:*:*:*:*:*:*:*:*", matchCriteriaId: "FF47AC2C-F267-4B16-98E0-7D6676D55CE0", versionEndIncluding: "12.1.1", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*", matchCriteriaId: "EE031CCC-7CD0-44DE-B101-EB9181036775", versionEndIncluding: "12.1.1", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "6B42DCF7-9DCD-4091-8553-8FF5D9417D6D", versionEndIncluding: "12.1.1", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_ltm:*:*:*:*:*:*:*:*", matchCriteriaId: "CB56B6D2-4BAB-4C20-B971-67CAF45FD08E", versionEndIncluding: "12.1.1", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_pem:*:*:*:*:*:*:*:*", matchCriteriaId: "B5A49CA8-47F8-4FF2-9ECD-5B1A2B444ED8", versionEndIncluding: "12.1.1", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:f5_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "2BC666CC-14CC-4CCB-BD0E-88FDB18D298C", versionEndIncluding: "12.1.1", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:linerate:*:*:*:*:*:*:*:*", matchCriteriaId: "E83ABC2C-AF58-423C-944D-8127881E2408", versionEndIncluding: "2.6.2", versionStartIncluding: "2.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel (TMM) may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. If the affected BIG-IP system is configured as part of a device group, it will trigger a failover to the peer device.", }, { lang: "es", value: "En el software BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM y WebSafe desde la versión 12.0.0 a la 12.1.1, en algunos casos, el componente Traffic Management Microkernel (TMM) podría cerrarse inesperadamente al procesar paquetes fragmentados. Esta vulnerabilidad afecta al TMM mediante un servidor virtual configurado con perfil FastL4. El procesamiento del tráfico se interrumpe mientras el TMM (Traffic Management Microkernel) se reinicia. Si el sistema BIG-IP afectado está configurado como parte de un grupo de dispositivos, desencadenará una conmutación por error en el dispositivo del mismo nivel.", }, ], id: "CVE-2017-6166", lastModified: "2024-11-21T03:29:11.003", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-11-22T16:29:00.337", references: [ { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/102264", }, { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1039949", }, { source: "f5sirt@f5.com", tags: [ "Issue Tracking", "Mitigation", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K65615624", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/102264", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1039949", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Mitigation", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K65615624", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-415", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-03-01 16:29
Modified
2024-11-21 04:08
Severity ?
Summary
In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, any 11.6.x or 11.5.x release, or 11.2.1, TCP DNS profile allows excessive buffering due to lack of flow control.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securityfocus.com/bid/103211 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K44200194 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/103211 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K44200194 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4663779D-B659-487D-813A-1A4E0F92D231", versionEndIncluding: "11.5.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "597AB2D4-B0E0-4437-9298-C9FC2E34247E", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2CD4DFE3-9071-4808-AE24-2CCA5DB5BA80", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*", matchCriteriaId: "F9EA336A-8055-4DA8-8F79-07C4ADE83E32", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BA7D64DC-7271-4617-BD46-99C8246779CA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "ACEB01A3-7240-4A9F-9E76-A28BAC82161D", versionEndIncluding: "11.5.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9ECBB647-0E28-4A45-8E49-A02C4974B6A9", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E5D00EED-F95D-4458-BDC4-3390DE85348B", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.2.1:*:*:*:*:*:*:*", matchCriteriaId: "05EAC483-AD5B-41C2-98F1-A186E2DCB04E", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "89AADD07-A4FE-4BD9-8D36-7E6AC6D9ACD3", versionEndIncluding: "11.5.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2C838ECE-BCC6-4D71-A36B-CF053A95BD5C", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E5011C2D-FBB5-4117-BB97-11DE70117345", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.2.1:*:*:*:*:*:*:*", matchCriteriaId: "9FDC1C0F-A00A-456C-AB51-CD139B15CB61", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8C4E5F36-434B-48E1-9715-4EEC22FB23D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "6D6D4C8D-26C0-4636-8B3A-6A8D3FF9EFCD", versionEndIncluding: "11.5.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F37A2F-1205-4726-8C84-49E555FB3524", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "79344F94-2CB8-4F08-9373-61614A38476C", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*", matchCriteriaId: "867B2CA9-DAE5-4070-B8E6-F624C59F5054", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "34D75E7F-B65F-421D-92EE-6B20756019C2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9B4B2EF2-2D4E-4EF6-B005-8EB318EA87DD", versionEndIncluding: "11.5.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2DEB3F5D-E82B-4B0F-9EF2-0CC7CCCE3E2F", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6BB42D3A-71EE-4367-9F65-86404D74E59D", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*", matchCriteriaId: "FB630A86-FB84-4199-9E4D-38EB620806CB", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BCF89E7C-806E-4800-BAA9-0225433B6C56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6CCE70E9-B646-49CF-B530-560B2D446241", versionEndIncluding: "11.5.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0BE301F2-BF84-4B0D-BD32-F58899A93106", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "397AC4A5-B67C-483B-84F7-8CB294BB460C", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*", matchCriteriaId: "A635FEC4-4F52-4971-A67D-47E68108E4F4", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7569977A-E567-4115-B00C-4B0CBA86582E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*", matchCriteriaId: "1E8E16CA-ED64-4616-A28E-0EA7D5E3A901", versionEndIncluding: "11.5.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*", matchCriteriaId: "84E884F6-4799-4CCE-9ECC-368FD5C1F5C7", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*", matchCriteriaId: "1FF76753-AE8C-40F1-BD1D-71F679AB467E", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:11.2.1:*:*:*:*:*:*:*", matchCriteriaId: "2D2D7449-7C4E-4F20-897A-4792160FA5D1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "93674162-3A63-4F05-B68F-B7D54B0AAE98", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "C7092498-F7E8-4D65-AC09-76C448A78811", versionEndIncluding: "11.5.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "9984B71A-89EA-4E5E-8E4D-1EA3D06F003F", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "60189636-02D6-44CA-BE2A-7777E3C409CD", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*", matchCriteriaId: "2DD53088-3BD4-4AF9-8934-4905231A75E8", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E2C4414E-8016-48B5-8CC3-F97FF2D85922", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "A0EBB0AF-3BD2-4BE4-B6AB-5E054A0A5309", versionEndIncluding: "11.5.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2BC5F967-BD7E-4B43-BB24-07B66A7006D9", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5AD75094-3248-4D37-969E-75272F6F31D6", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.2.1:*:*:*:*:*:*:*", matchCriteriaId: "D964BBB4-B343-43C6-A7A1-39BD9E1EEA16", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "42821916-E601-4831-B37B-3202ACF2C562", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "EDF56E55-0332-4FA4-8377-C6F3B1BDE012", versionEndIncluding: "11.5.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "C2F2D318-6CE1-471C-AF57-8D790000962C", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "937055BD-53FC-4D8E-B965-D676AA5ABA4C", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:11.2.1:*:*:*:*:*:*:*", matchCriteriaId: "BFD9136F-100A-4747-84B7-33D6D8905DDB", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B2E56D76-1A89-46AB-9C17-CB24662FFDE7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "5001D508-122D-4C60-BD54-EF184CA1B933", versionEndIncluding: "11.5.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "730BC966-10B2-4A2E-BF12-EC4DE70DE968", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "6A11E433-943D-4D92-B45E-3FA268094278", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*", matchCriteriaId: "3136A8D1-3D0D-46B3-9A3A-737074864F1B", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "4D3374BE-6A37-48B5-83D4-D61558A8433E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B54AD8F2-80A8-4023-B301-B89CC43E53C6", versionEndIncluding: "11.5.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B848B902-CF3B-4534-823C-4343EAE98A2A", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "57CCB85A-6F90-4DB7-B0F8-AE5250E1DCFE", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*", matchCriteriaId: "84452450-77FA-4708-9C86-5464D541C8ED", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3914B25C-4E86-4C00-A199-4C9A99BA2EC4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "1BB24325-5EA0-4D6B-980F-140FF1BBE8DC", versionEndIncluding: "11.5.4", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "725BAE35-A9A3-4AEF-BAC1-18D445D241D5", versionEndIncluding: "11.6.2", versionStartIncluding: "11.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "E7860523-E8B3-4BEE-853A-6F0B5BCDDA5A", versionEndIncluding: "12.1.3", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*", matchCriteriaId: "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7E703FAB-BFCD-47A1-94BD-DD63879DE883", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, any 11.6.x or 11.5.x release, or 11.2.1, TCP DNS profile allows excessive buffering due to lack of flow control.", }, { lang: "es", value: "En algunas circunstancias, en sistemas F5 BIG-IP que ejecutan 13.0.0, 12.1.0 - 12.1.3.1, cualquier versión 11.6.x o 11.5.x o 11.2.1, el perfil TCP DNS permite el buffering excesivo debido a la falta de control de flujo.", }, ], id: "CVE-2018-5501", lastModified: "2024-11-21T04:08:55.750", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-03-01T16:29:00.400", references: [ { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103211", }, { source: "f5sirt@f5.com", tags: [ "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K44200194", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103211", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K44200194", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-12-21 17:29
Modified
2024-11-21 03:29
Severity ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, undisclosed HTTP requests may cause a denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securityfocus.com/bid/102467 | ||
| f5sirt@f5.com | http://www.securitytracker.com/id/1040048 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K25033460 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102467 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040048 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K25033460 | Issue Tracking, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f5 | big-ip_local_traffic_manager | * | |
| f5 | big-ip_local_traffic_manager | 13.0.0 | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_acceleration_manager | 13.0.0 | |
| f5 | big-ip_advanced_firewall_manager | * | |
| f5 | big-ip_advanced_firewall_manager | 13.0.0 | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_analytics | 13.0.0 | |
| f5 | big-ip_access_policy_manager | * | |
| f5 | big-ip_access_policy_manager | 13.0.0 | |
| f5 | big-ip_application_security_manager | * | |
| f5 | big-ip_application_security_manager | 13.0.0 | |
| f5 | big-ip_dns | * | |
| f5 | big-ip_dns | 13.0.0 | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_link_controller | 13.0.0 | |
| f5 | big-ip_policy_enforcement_manager | * | |
| f5 | big-ip_policy_enforcement_manager | 13.0.0 | |
| f5 | big-ip_websafe | * | |
| f5 | big-ip_websafe | 13.0.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "48AEF668-8ABE-4A09-B45B-AB30B7A6464B", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BA7D64DC-7271-4617-BD46-99C8246779CA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6CAB3D2D-F589-41AB-A68A-8AFA8760E394", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F3C3362F-1251-4E7B-B8CB-BBE7344A915E", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8C4E5F36-434B-48E1-9715-4EEC22FB23D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "A7E33F47-378B-4077-AA3E-6EBED04D3609", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "34D75E7F-B65F-421D-92EE-6B20756019C2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E6A76187-6118-4A9D-9F7C-0C9D3931BF42", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BCF89E7C-806E-4800-BAA9-0225433B6C56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "FE82B01E-278D-40DB-9CD5-D69F863A97CD", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7569977A-E567-4115-B00C-4B0CBA86582E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*", matchCriteriaId: "D90D84D6-E4EF-4686-A7D9-52FF577251D8", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "93674162-3A63-4F05-B68F-B7D54B0AAE98", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "B8AE206C-8F30-4C1A-9823-BAF2052EF065", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E2C4414E-8016-48B5-8CC3-F97FF2D85922", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "91F8E790-6C3C-476D-B403-4F13CEF0BA7A", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "42821916-E601-4831-B37B-3202ACF2C562", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "48B5CC4A-32F1-474A-A89B-A6C7E56513D7", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B2E56D76-1A89-46AB-9C17-CB24662FFDE7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, undisclosed HTTP requests may cause a denial of service.", }, { lang: "es", value: "En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM y WebSafe, en versiones 13.0.0 y de la 12.1.0 a la 12.1.2, las peticiones HTTP no reveladas podrían provocar una denegación de servicio (DoS).", }, ], id: "CVE-2017-6133", lastModified: "2024-11-21T03:29:06.793", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-12-21T17:29:00.370", references: [ { source: "f5sirt@f5.com", url: "http://www.securityfocus.com/bid/102467", }, { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040048", }, { source: "f5sirt@f5.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K25033460", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/102467", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040048", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K25033460", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-03-01 16:29
Modified
2024-11-21 03:29
Severity ?
Summary
Under certain conditions for F5 BIG-IP systems 13.0.0 or 12.1.0 - 12.1.3.1, using FastL4 profiles, when the Reassemble IP Fragments option is disabled (default), some specific large fragmented packets may restart the Traffic Management Microkernel (TMM).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securityfocus.com/bid/103235 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K62712037 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/103235 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K62712037 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f5 | big-ip_local_traffic_manager | * | |
| f5 | big-ip_local_traffic_manager | 13.0.0 | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_acceleration_manager | 13.0.0 | |
| f5 | big-ip_advanced_firewall_manager | * | |
| f5 | big-ip_advanced_firewall_manager | 13.0.0 | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_analytics | 13.0.0 | |
| f5 | big-ip_access_policy_manager | * | |
| f5 | big-ip_access_policy_manager | 13.0.0 | |
| f5 | big-ip_application_security_manager | * | |
| f5 | big-ip_application_security_manager | 13.0.0 | |
| f5 | big-ip_dns | * | |
| f5 | big-ip_dns | 13.0.0 | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_link_controller | 13.0.0 | |
| f5 | big-ip_policy_enforcement_manager | * | |
| f5 | big-ip_policy_enforcement_manager | 13.0.0 | |
| f5 | big-ip_websafe | * | |
| f5 | big-ip_websafe | 13.0.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2A3E8BFC-B1CF-4685-BC18-D991DAFE5D03", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BA7D64DC-7271-4617-BD46-99C8246779CA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B74CDA31-23E8-4AB9-9D52-3107185379CF", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "34C598BD-EA65-411F-8D2E-BB0C10700B7E", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8C4E5F36-434B-48E1-9715-4EEC22FB23D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "367A6C6C-8FEC-4040-B199-B5E76B7DB81E", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "34D75E7F-B65F-421D-92EE-6B20756019C2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4B2C21C8-E666-4240-80B1-C0184A601524", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BCF89E7C-806E-4800-BAA9-0225433B6C56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F65C12F1-E3E5-4473-A48D-47941A159ED5", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7569977A-E567-4115-B00C-4B0CBA86582E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*", matchCriteriaId: "D6CAD89E-DE40-4EC8-B7D4-B0BF809D906F", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "93674162-3A63-4F05-B68F-B7D54B0AAE98", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "8E6B9E75-3DC4-479A-8031-7CA01A682116", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E2C4414E-8016-48B5-8CC3-F97FF2D85922", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "A2487AD7-F334-4BDF-A7E5-2217608A0016", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "42821916-E601-4831-B37B-3202ACF2C562", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "76C8BE66-5528-468B-8C07-804E34D9B66A", versionEndIncluding: "12.1.3.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B2E56D76-1A89-46AB-9C17-CB24662FFDE7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Under certain conditions for F5 BIG-IP systems 13.0.0 or 12.1.0 - 12.1.3.1, using FastL4 profiles, when the Reassemble IP Fragments option is disabled (default), some specific large fragmented packets may restart the Traffic Management Microkernel (TMM).", }, { lang: "es", value: "Bajo ciertas condiciones para los sistemas F5 BIG-IP 13.0.0 o 12.1.0 - 12.1.3.1 que emplean perfiles FastL4, cuando la opción Reassemble IP Fragments está deshabilitada (por defecto), algunos paquetes grandes fragmentados podrían reiniciar el TMM (Traffic Management Microkernel).", }, ], id: "CVE-2017-6150", lastModified: "2024-11-21T03:29:08.867", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-03-01T16:29:00.230", references: [ { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103235", }, { source: "f5sirt@f5.com", tags: [ "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K62712037", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103235", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K62712037", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-12-21 17:29
Modified
2024-11-21 03:29
Severity ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, a slow memory leak as a result of undisclosed IPv4 or IPv6 packets sent to BIG-IP management port or self IP addresses may lead to out of memory (OOM) conditions.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securitytracker.com/id/1040050 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K43322910 | Issue Tracking, Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040050 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K43322910 | Issue Tracking, Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f5 | big-ip_local_traffic_manager | 13.0.0 | |
| f5 | big-ip_application_acceleration_manager | 13.0.0 | |
| f5 | big-ip_advanced_firewall_manager | 13.0.0 | |
| f5 | big-ip_analytics | 13.0.0 | |
| f5 | big-ip_access_policy_manager | 13.0.0 | |
| f5 | big-ip_application_security_manager | 13.0.0 | |
| f5 | big-ip_dns | 13.0.0 | |
| f5 | big-ip_global_traffic_manager | 13.0.0 | |
| f5 | big-ip_link_controller | 13.0.0 | |
| f5 | big-ip_policy_enforcement_manager | 13.0.0 | |
| f5 | big-ip_websafe | 13.0.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BA7D64DC-7271-4617-BD46-99C8246779CA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8C4E5F36-434B-48E1-9715-4EEC22FB23D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "34D75E7F-B65F-421D-92EE-6B20756019C2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BCF89E7C-806E-4800-BAA9-0225433B6C56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7569977A-E567-4115-B00C-4B0CBA86582E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_dns:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "93674162-3A63-4F05-B68F-B7D54B0AAE98", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3914B25C-4E86-4C00-A199-4C9A99BA2EC4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E2C4414E-8016-48B5-8CC3-F97FF2D85922", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "42821916-E601-4831-B37B-3202ACF2C562", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B2E56D76-1A89-46AB-9C17-CB24662FFDE7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, a slow memory leak as a result of undisclosed IPv4 or IPv6 packets sent to BIG-IP management port or self IP addresses may lead to out of memory (OOM) conditions.", }, { lang: "es", value: "En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM y WebSafe en su versión 13.0.0, una fuga de memoria lenta producida por paquetes IPv4 e IPv6 no revelados enviados al puerto de gestión de BIG-IP o a sus propias direcciones IP puede provocar condiciones de agotamiento de memoria.", }, ], id: "CVE-2017-6135", lastModified: "2024-11-21T03:29:07.093", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-12-21T17:29:00.450", references: [ { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040050", }, { source: "f5sirt@f5.com", tags: [ "Issue Tracking", "Mitigation", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K43322910", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040050", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Mitigation", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K43322910", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-772", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-12-21 17:29
Modified
2024-11-21 03:29
Severity ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, 12.1.0 - 12.1.2 and 11.5.1 - 11.6.1, an undisclosed sequence of packets, sourced from an adjacent network may cause TMM to crash.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securityfocus.com/bid/102466 | ||
| f5sirt@f5.com | http://www.securitytracker.com/id/1040044 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | http://www.securitytracker.com/id/1040045 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K37404773 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102466 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040044 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040045 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K37404773 | Issue Tracking, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "993AD7D2-DBC5-40B6-9CBE-1BA9590FCCC4", versionEndIncluding: "11.6.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "48AEF668-8ABE-4A09-B45B-AB30B7A6464B", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BA7D64DC-7271-4617-BD46-99C8246779CA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8E8D6DC6-FE8D-4C73-930B-99E2B3FB18ED", versionEndIncluding: "11.6.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6CAB3D2D-F589-41AB-A68A-8AFA8760E394", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "13EDBCE3-05FD-4B5B-926B-0B5B18199083", versionEndIncluding: "11.6.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F3C3362F-1251-4E7B-B8CB-BBE7344A915E", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8C4E5F36-434B-48E1-9715-4EEC22FB23D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "B62C49F2-DAAD-467A-B27C-20E2A014787B", versionEndIncluding: "11.6.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "A7E33F47-378B-4077-AA3E-6EBED04D3609", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "34D75E7F-B65F-421D-92EE-6B20756019C2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "83DC910C-4396-4945-8635-E9C8038BE872", versionEndIncluding: "11.6.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E6A76187-6118-4A9D-9F7C-0C9D3931BF42", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BCF89E7C-806E-4800-BAA9-0225433B6C56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EAB57533-B744-4A2F-8AE0-7D8037CBA70D", versionEndIncluding: "11.6.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "FE82B01E-278D-40DB-9CD5-D69F863A97CD", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7569977A-E567-4115-B00C-4B0CBA86582E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*", matchCriteriaId: "65F88F93-D566-44FC-969D-B11C51B4261E", versionEndIncluding: "11.6.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*", matchCriteriaId: "D90D84D6-E4EF-4686-A7D9-52FF577251D8", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "93674162-3A63-4F05-B68F-B7D54B0AAE98", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5F5F1D95-D705-4715-B844-52E8ECBB266D", versionEndIncluding: "11.6.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "528457E0-A8CA-454B-AC01-C55630E2FA49", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3914B25C-4E86-4C00-A199-4C9A99BA2EC4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "BC21461D-B2B2-4FD2-B24F-DCAF525847EF", versionEndIncluding: "11.6.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "B8AE206C-8F30-4C1A-9823-BAF2052EF065", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E2C4414E-8016-48B5-8CC3-F97FF2D85922", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C73A1C36-0F0F-4EDD-99C6-321F9367FF70", versionEndIncluding: "11.6.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "91F8E790-6C3C-476D-B403-4F13CEF0BA7A", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "42821916-E601-4831-B37B-3202ACF2C562", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "6E27FFA2-D2AC-4838-A4C6-58964794977C", versionEndIncluding: "11.6.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "48B5CC4A-32F1-474A-A89B-A6C7E56513D7", versionEndIncluding: "12.1.2", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B2E56D76-1A89-46AB-9C17-CB24662FFDE7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, 12.1.0 - 12.1.2 and 11.5.1 - 11.6.1, an undisclosed sequence of packets, sourced from an adjacent network may cause TMM to crash.", }, { lang: "es", value: "En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM y WebSafe, en versiones de software 13.0.0, de la 12.1.0 a la 12.1.2 y de la 11.5.1 a la 11.6.1, una secuencia de paquetes no revelada cuyo origen es una red adyacente podría hacer que TMM se cierre de manera inesperada.", }, ], id: "CVE-2017-6134", lastModified: "2024-11-21T03:29:06.950", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-12-21T17:29:00.403", references: [ { source: "f5sirt@f5.com", url: "http://www.securityfocus.com/bid/102466", }, { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040044", }, { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040045", }, { source: "f5sirt@f5.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K37404773", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/102466", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040044", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040045", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K37404773", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-12-21 17:29
Modified
2024-11-21 03:29
Severity ?
Summary
On the BIG-IP 2000s, 2200s, 4000s, 4200v, i5600, i5800, i7600, i7800, i10600,i10800, and VIPRION 4450 blades, running version 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1 or 12.1.2 of BIG-IP LTM, AAM, AFM, Analytics, ASM, DNS, GTM or PEM, an undisclosed sequence of packets sent to Virtual Servers with client or server SSL profiles may cause disruption of data plane services.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securitytracker.com/id/1040042 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K55102452 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040042 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K55102452 | Issue Tracking, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "12F86EB5-D581-4103-A802-44D968BA8D55", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "06224D59-35F8-4168-80C5-CF5B17E99050", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*", matchCriteriaId: "A2B502F2-404C-463B-B6BE-87489DC881F9", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "A82C7B1C-E195-4D94-B604-78FB464C4F81", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "8F6C3144-D0DE-4248-BFCD-04A7E6104044", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*", matchCriteriaId: "0357B5ED-0600-4756-93E5-692987068596", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:f5:big-ip_2000s:-:*:*:*:*:*:*:*", matchCriteriaId: "EB09D38C-6314-48DF-82DB-68ED2AA2A87F", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_2200s:-:*:*:*:*:*:*:*", matchCriteriaId: "0EE3D3C8-2B7C-4336-A237-7022949B3883", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_4000s:-:*:*:*:*:*:*:*", matchCriteriaId: "A481AA79-5A01-4051-9F3D-ACC203CC9398", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_4200v:-:*:*:*:*:*:*:*", matchCriteriaId: "B1FDCC56-7608-4856-8945-3D06155150AA", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i10600:-:*:*:*:*:*:*:*", matchCriteriaId: "F768A343-E31B-4A0B-A1CE-B884BCF8DE96", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i10800:-:*:*:*:*:*:*:*", matchCriteriaId: "25711D89-A9A6-41E8-8DAB-FBFA9CADB69B", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i5600:-:*:*:*:*:*:*:*", matchCriteriaId: "D848D43B-F994-45CF-AA53-ED0D4ACEDE8C", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i5800:-:*:*:*:*:*:*:*", matchCriteriaId: "16C46A4D-3773-4EB4-B397-D02694FC65BD", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i7600:-:*:*:*:*:*:*:*", matchCriteriaId: "842E7F16-4CB8-450F-BF18-829BAEFAF6CC", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i7800:-:*:*:*:*:*:*:*", matchCriteriaId: "E7569487-6D88-46CC-9B70-59D56DB0CE35", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:viprion_4450_blades:-:*:*:*:*:*:*:*", matchCriteriaId: "8B4ADE44-5E90-411D-B11F-941B1122B9CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "A4489382-0668-4CFB-BA89-D54762937CEE", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "9850D0AA-B173-47B2-9B69-75E6D1FAF490", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "40994EB4-4D31-4697-964D-1F0B09864DF2", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5B40837-EC2B-41FB-ACC3-806054EAF28C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*", matchCriteriaId: "48BE0210-7058-462A-BA17-845D3E4F52FA", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3CA2FA6B-3930-432F-8FB5-E73604CEFE42", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "ECA90FB8-E2CD-400F-B753-1B482E7FAC96", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "6FEC804B-35DB-4A0C-9AEA-15527E0CC1B1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:*:*:*:*:*:*:*", matchCriteriaId: "BEB228A9-0C01-4531-B2B2-38BB7B0E02E9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:f5:big-ip_2000s:-:*:*:*:*:*:*:*", matchCriteriaId: "EB09D38C-6314-48DF-82DB-68ED2AA2A87F", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_2200s:-:*:*:*:*:*:*:*", matchCriteriaId: "0EE3D3C8-2B7C-4336-A237-7022949B3883", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_4000s:-:*:*:*:*:*:*:*", matchCriteriaId: "A481AA79-5A01-4051-9F3D-ACC203CC9398", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_4200v:-:*:*:*:*:*:*:*", matchCriteriaId: "B1FDCC56-7608-4856-8945-3D06155150AA", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i10600:-:*:*:*:*:*:*:*", matchCriteriaId: "F768A343-E31B-4A0B-A1CE-B884BCF8DE96", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i10800:-:*:*:*:*:*:*:*", matchCriteriaId: "25711D89-A9A6-41E8-8DAB-FBFA9CADB69B", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i5600:-:*:*:*:*:*:*:*", matchCriteriaId: "D848D43B-F994-45CF-AA53-ED0D4ACEDE8C", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i5800:-:*:*:*:*:*:*:*", matchCriteriaId: "16C46A4D-3773-4EB4-B397-D02694FC65BD", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i7600:-:*:*:*:*:*:*:*", matchCriteriaId: "842E7F16-4CB8-450F-BF18-829BAEFAF6CC", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i7800:-:*:*:*:*:*:*:*", matchCriteriaId: "E7569487-6D88-46CC-9B70-59D56DB0CE35", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:viprion_4450_blades:-:*:*:*:*:*:*:*", matchCriteriaId: "8B4ADE44-5E90-411D-B11F-941B1122B9CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "3755740D-F1DC-4910-ADDD-9D491515201C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "EA244A7D-F65D-4114-81C8-CE811959EA10", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "5EA9F72C-8344-4370-B511-31BEC8BA63E8", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "96CF015E-C74B-4215-9103-8087BC1D12AB", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "CFE4DB00-433D-414A-A1CE-E507B9BB809B", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B276E4DF-69FC-4158-B93A-781A45605034", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*", matchCriteriaId: "CBAB92C5-2D50-49CC-AECA-0D16BC44A788", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "532AAF54-64EF-4852-B4F1-D5E660463704", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "BC827031-CA39-4081-8CE0-30EAC78DF756", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "7569903B-3A15-4A10-863B-6828337DD268", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:*:*:*:*:*:*:*", matchCriteriaId: "45825991-D17D-42F1-87B4-7DF86B098B45", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:f5:big-ip_2000s:-:*:*:*:*:*:*:*", matchCriteriaId: "EB09D38C-6314-48DF-82DB-68ED2AA2A87F", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_2200s:-:*:*:*:*:*:*:*", matchCriteriaId: "0EE3D3C8-2B7C-4336-A237-7022949B3883", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_4000s:-:*:*:*:*:*:*:*", matchCriteriaId: "A481AA79-5A01-4051-9F3D-ACC203CC9398", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_4200v:-:*:*:*:*:*:*:*", matchCriteriaId: "B1FDCC56-7608-4856-8945-3D06155150AA", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i10600:-:*:*:*:*:*:*:*", matchCriteriaId: "F768A343-E31B-4A0B-A1CE-B884BCF8DE96", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i10800:-:*:*:*:*:*:*:*", matchCriteriaId: "25711D89-A9A6-41E8-8DAB-FBFA9CADB69B", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i5600:-:*:*:*:*:*:*:*", matchCriteriaId: "D848D43B-F994-45CF-AA53-ED0D4ACEDE8C", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i5800:-:*:*:*:*:*:*:*", matchCriteriaId: "16C46A4D-3773-4EB4-B397-D02694FC65BD", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i7600:-:*:*:*:*:*:*:*", matchCriteriaId: "842E7F16-4CB8-450F-BF18-829BAEFAF6CC", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i7800:-:*:*:*:*:*:*:*", matchCriteriaId: "E7569487-6D88-46CC-9B70-59D56DB0CE35", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:viprion_4450_blades:-:*:*:*:*:*:*:*", matchCriteriaId: "8B4ADE44-5E90-411D-B11F-941B1122B9CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "A7D226F1-6513-4233-BE20-58D7AB24978F", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "B33B2082-E040-4799-A260-BA687ED8614E", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "A85766A4-2181-4719-ADCF-4FEA0031DB80", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "D2E93EE3-DB73-468E-87CA-4D277F283648", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "ADB01A61-1924-417F-8A75-9FDF8F14F754", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*", matchCriteriaId: "2A065BC0-56BD-4665-A860-EBA37F1A4D8C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "D0EDB8E9-E6FB-406E-B1D3-C620F114804C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "77192AFB-B612-4BAA-916C-3DF8E851CC2B", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "AE295AF6-2B35-467F-8501-B5753CDDE16C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:12.1.2:*:*:*:*:*:*:*", matchCriteriaId: "E3C03B68-914F-4DB0-A832-B626B8746524", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:f5:big-ip_2000s:-:*:*:*:*:*:*:*", matchCriteriaId: "EB09D38C-6314-48DF-82DB-68ED2AA2A87F", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_2200s:-:*:*:*:*:*:*:*", matchCriteriaId: "0EE3D3C8-2B7C-4336-A237-7022949B3883", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_4000s:-:*:*:*:*:*:*:*", matchCriteriaId: "A481AA79-5A01-4051-9F3D-ACC203CC9398", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_4200v:-:*:*:*:*:*:*:*", matchCriteriaId: "B1FDCC56-7608-4856-8945-3D06155150AA", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i10600:-:*:*:*:*:*:*:*", matchCriteriaId: "F768A343-E31B-4A0B-A1CE-B884BCF8DE96", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i10800:-:*:*:*:*:*:*:*", matchCriteriaId: "25711D89-A9A6-41E8-8DAB-FBFA9CADB69B", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i5600:-:*:*:*:*:*:*:*", matchCriteriaId: "D848D43B-F994-45CF-AA53-ED0D4ACEDE8C", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i5800:-:*:*:*:*:*:*:*", matchCriteriaId: "16C46A4D-3773-4EB4-B397-D02694FC65BD", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i7600:-:*:*:*:*:*:*:*", matchCriteriaId: "842E7F16-4CB8-450F-BF18-829BAEFAF6CC", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i7800:-:*:*:*:*:*:*:*", matchCriteriaId: "E7569487-6D88-46CC-9B70-59D56DB0CE35", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:viprion_4450_blades:-:*:*:*:*:*:*:*", matchCriteriaId: "8B4ADE44-5E90-411D-B11F-941B1122B9CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "1AD2C1D2-103E-4B0F-84AA-999F01E695F0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "855E91A4-0A0C-4E5C-8019-FB513A793803", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "FCCC2092-E109-4FF6-9B85-6C9434269851", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "8923BB93-96C1-417B-9172-4A81E731EBA2", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "274E34BF-82A5-4D9E-BC72-202193A47A5A", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "475F0EF8-42CB-4099-9C4A-390F946C4924", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*", matchCriteriaId: "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "62B0A70A-D101-443E-A543-5EC35E23D66F", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "2DB2118A-0F9C-4273-BB07-85FEA32C785B", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "8541C9EF-69A8-4641-B173-3BCE0EDD20A8", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:*", matchCriteriaId: "E24A3C71-0075-4738-B114-267337D050CD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:f5:big-ip_2000s:-:*:*:*:*:*:*:*", matchCriteriaId: "EB09D38C-6314-48DF-82DB-68ED2AA2A87F", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_2200s:-:*:*:*:*:*:*:*", matchCriteriaId: "0EE3D3C8-2B7C-4336-A237-7022949B3883", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_4000s:-:*:*:*:*:*:*:*", matchCriteriaId: "A481AA79-5A01-4051-9F3D-ACC203CC9398", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_4200v:-:*:*:*:*:*:*:*", matchCriteriaId: "B1FDCC56-7608-4856-8945-3D06155150AA", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i10600:-:*:*:*:*:*:*:*", matchCriteriaId: "F768A343-E31B-4A0B-A1CE-B884BCF8DE96", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i10800:-:*:*:*:*:*:*:*", matchCriteriaId: "25711D89-A9A6-41E8-8DAB-FBFA9CADB69B", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i5600:-:*:*:*:*:*:*:*", matchCriteriaId: "D848D43B-F994-45CF-AA53-ED0D4ACEDE8C", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i5800:-:*:*:*:*:*:*:*", matchCriteriaId: "16C46A4D-3773-4EB4-B397-D02694FC65BD", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i7600:-:*:*:*:*:*:*:*", matchCriteriaId: "842E7F16-4CB8-450F-BF18-829BAEFAF6CC", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i7800:-:*:*:*:*:*:*:*", matchCriteriaId: "E7569487-6D88-46CC-9B70-59D56DB0CE35", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:viprion_4450_blades:-:*:*:*:*:*:*:*", matchCriteriaId: "8B4ADE44-5E90-411D-B11F-941B1122B9CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_dns:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "E142B175-0E9D-4051-A6B1-FF9E7583DFBA", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "9B131043-3C02-47CE-8D1C-BB29A20113E5", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "DCE4ACE8-1309-4631-9E34-A6032009B702", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "A70560C5-AEB5-4144-A0AA-10A63527B5C1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "8F2CE884-45CD-4EB8-8568-B3AEAB017361", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "0EAEC7D0-4BE1-42EE-91CA-56204FEAD048", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:11.6.1:*:*:*:*:*:*:*", matchCriteriaId: "510C2966-F495-49BB-99D6-53468FD95832", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "FE97E4B1-88D7-4B3E-BEA3-0AD2A01347FC", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "F2E3AE25-2F4F-4CE5-8842-E02346162D7D", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "4CCC6CA6-2BE8-40D4-AC55-94AF8F5BEDF9", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:12.1.2:*:*:*:*:*:*:*", matchCriteriaId: "62FE0213-787C-49CB-96B8-EAC9DE0977EA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:f5:big-ip_2000s:-:*:*:*:*:*:*:*", matchCriteriaId: "EB09D38C-6314-48DF-82DB-68ED2AA2A87F", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_2200s:-:*:*:*:*:*:*:*", matchCriteriaId: "0EE3D3C8-2B7C-4336-A237-7022949B3883", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_4000s:-:*:*:*:*:*:*:*", matchCriteriaId: "A481AA79-5A01-4051-9F3D-ACC203CC9398", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_4200v:-:*:*:*:*:*:*:*", matchCriteriaId: "B1FDCC56-7608-4856-8945-3D06155150AA", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i10600:-:*:*:*:*:*:*:*", matchCriteriaId: "F768A343-E31B-4A0B-A1CE-B884BCF8DE96", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i10800:-:*:*:*:*:*:*:*", matchCriteriaId: "25711D89-A9A6-41E8-8DAB-FBFA9CADB69B", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i5600:-:*:*:*:*:*:*:*", matchCriteriaId: "D848D43B-F994-45CF-AA53-ED0D4ACEDE8C", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i5800:-:*:*:*:*:*:*:*", matchCriteriaId: "16C46A4D-3773-4EB4-B397-D02694FC65BD", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i7600:-:*:*:*:*:*:*:*", matchCriteriaId: "842E7F16-4CB8-450F-BF18-829BAEFAF6CC", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i7800:-:*:*:*:*:*:*:*", matchCriteriaId: "E7569487-6D88-46CC-9B70-59D56DB0CE35", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:viprion_4450_blades:-:*:*:*:*:*:*:*", matchCriteriaId: "8B4ADE44-5E90-411D-B11F-941B1122B9CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "0594DBC5-8470-416C-A5EA-E04F5AB2C799", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "BD3A3BA6-6F60-45CA-8F52-687B671B077A", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "202B6870-718C-4F8D-9BAB-7ED6385BF2A7", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "EC6A3691-ADC4-44BC-8A11-D855B13EF128", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "D7D7863D-B064-4D7A-A66B-C3D3523425FD", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*", matchCriteriaId: "911BB6DB-B2D1-4855-A65C-F0799E034358", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "44D161F9-D198-4DA0-BF95-19472A0495A8", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "06E2C448-F279-476E-9F54-185582BEE9E5", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "5943AAEF-A816-4F95-A91F-023A226D6459", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.2:*:*:*:*:*:*:*", matchCriteriaId: "72E78A8D-6CB6-49F9-9288-9C2EEF41441A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:f5:big-ip_2000s:-:*:*:*:*:*:*:*", matchCriteriaId: "EB09D38C-6314-48DF-82DB-68ED2AA2A87F", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_2200s:-:*:*:*:*:*:*:*", matchCriteriaId: "0EE3D3C8-2B7C-4336-A237-7022949B3883", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_4000s:-:*:*:*:*:*:*:*", matchCriteriaId: "A481AA79-5A01-4051-9F3D-ACC203CC9398", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_4200v:-:*:*:*:*:*:*:*", matchCriteriaId: "B1FDCC56-7608-4856-8945-3D06155150AA", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i10600:-:*:*:*:*:*:*:*", matchCriteriaId: "F768A343-E31B-4A0B-A1CE-B884BCF8DE96", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i10800:-:*:*:*:*:*:*:*", matchCriteriaId: "25711D89-A9A6-41E8-8DAB-FBFA9CADB69B", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i5600:-:*:*:*:*:*:*:*", matchCriteriaId: "D848D43B-F994-45CF-AA53-ED0D4ACEDE8C", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i5800:-:*:*:*:*:*:*:*", matchCriteriaId: "16C46A4D-3773-4EB4-B397-D02694FC65BD", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i7600:-:*:*:*:*:*:*:*", matchCriteriaId: "842E7F16-4CB8-450F-BF18-829BAEFAF6CC", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i7800:-:*:*:*:*:*:*:*", matchCriteriaId: "E7569487-6D88-46CC-9B70-59D56DB0CE35", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:viprion_4450_blades:-:*:*:*:*:*:*:*", matchCriteriaId: "8B4ADE44-5E90-411D-B11F-941B1122B9CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "4D379372-A226-4230-B1F3-04C696518BD8", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "22FAC35D-2803-49B0-9382-F14594B88FC5", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "3C72257B-FF99-4707-A0E3-316D538B1CF6", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*", matchCriteriaId: "C1EA4F45-35F7-4687-8D1A-A5ACD846500A", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "23FF9627-E561-4CF7-A685-6E33D2F6C98C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "64273A2C-E5A1-4605-92DD-EBECC7F051D5", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E60CA151-1C3A-45B3-B939-E6F80063C595", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:*:*:*:*:*:*:*", matchCriteriaId: "58BAD5A9-9C67-4056-9344-07C8C42C8E88", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:f5:big-ip_2000s:-:*:*:*:*:*:*:*", matchCriteriaId: "EB09D38C-6314-48DF-82DB-68ED2AA2A87F", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_2200s:-:*:*:*:*:*:*:*", matchCriteriaId: "0EE3D3C8-2B7C-4336-A237-7022949B3883", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_4000s:-:*:*:*:*:*:*:*", matchCriteriaId: "A481AA79-5A01-4051-9F3D-ACC203CC9398", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_4200v:-:*:*:*:*:*:*:*", matchCriteriaId: "B1FDCC56-7608-4856-8945-3D06155150AA", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i10600:-:*:*:*:*:*:*:*", matchCriteriaId: "F768A343-E31B-4A0B-A1CE-B884BCF8DE96", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i10800:-:*:*:*:*:*:*:*", matchCriteriaId: "25711D89-A9A6-41E8-8DAB-FBFA9CADB69B", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i5600:-:*:*:*:*:*:*:*", matchCriteriaId: "D848D43B-F994-45CF-AA53-ED0D4ACEDE8C", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i5800:-:*:*:*:*:*:*:*", matchCriteriaId: "16C46A4D-3773-4EB4-B397-D02694FC65BD", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i7600:-:*:*:*:*:*:*:*", matchCriteriaId: "842E7F16-4CB8-450F-BF18-829BAEFAF6CC", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:big-ip_i7800:-:*:*:*:*:*:*:*", matchCriteriaId: "E7569487-6D88-46CC-9B70-59D56DB0CE35", vulnerable: false, }, { criteria: "cpe:2.3:h:f5:viprion_4450_blades:-:*:*:*:*:*:*:*", matchCriteriaId: "8B4ADE44-5E90-411D-B11F-941B1122B9CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "On the BIG-IP 2000s, 2200s, 4000s, 4200v, i5600, i5800, i7600, i7800, i10600,i10800, and VIPRION 4450 blades, running version 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1 or 12.1.2 of BIG-IP LTM, AAM, AFM, Analytics, ASM, DNS, GTM or PEM, an undisclosed sequence of packets sent to Virtual Servers with client or server SSL profiles may cause disruption of data plane services.", }, { lang: "es", value: "En los productos BIG-IP 2000s, 2200s, 4000s, 4200v, i5600, i5800, i7600, i7800, i10600,i10800 y los blades VIPRION 4450 en versiones 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1 o 12.1.2 de BIG-IP LTM, AAM, AFM, Analytics, ASM, DNS, GTM o PEM, una secuencia de paquetes no revelada enviada a los servidores virtuales con perfiles SSL de cliente o servidor pueden hacer que se interrumpan los servicios de plano de datos.", }, ], id: "CVE-2017-6140", lastModified: "2024-11-21T03:29:07.783", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-12-21T17:29:00.607", references: [ { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040042", }, { source: "f5sirt@f5.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K55102452", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040042", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K55102452", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-12-21 17:29
Modified
2024-11-21 03:29
Severity ?
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, 12.0.0 - 12.1.2, 11.6.0 - 11.6.1 and 11.5.0 - 11.5.4, in some circumstances, Traffic Management Microkernel (TMM) does not properly handle certain malformed TLS1.2 records, which allows remote attackers to cause a denial-of-service (DoS) or possible remote command execution on the BIG-IP system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securitytracker.com/id/1040054 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K02714910 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040054 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K02714910 | Issue Tracking, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2A113DC2-B084-48C2-8ECF-F0281AC34246", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C1F5FF67-5D17-4760-AFDC-4234EC1E6306", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "12F86EB5-D581-4103-A802-44D968BA8D55", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "06224D59-35F8-4168-80C5-CF5B17E99050", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BA7D64DC-7271-4617-BD46-99C8246779CA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2AC4ECCE-9343-4462-872C-FA4860998B69", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "39E45CF5-C9E4-4AB9-A6D5-66F8336DDB79", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "A4489382-0668-4CFB-BA89-D54762937CEE", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "9850D0AA-B173-47B2-9B69-75E6D1FAF490", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "40994EB4-4D31-4697-964D-1F0B09864DF2", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "55D59D80-4DC5-4A84-BF42-A5AC2D39CC7A", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "93212B86-21EA-4340-9149-E58F65285C15", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "3755740D-F1DC-4910-ADDD-9D491515201C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "EA244A7D-F65D-4114-81C8-CE811959EA10", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "5EA9F72C-8344-4370-B511-31BEC8BA63E8", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "96CF015E-C74B-4215-9103-8087BC1D12AB", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "CFE4DB00-433D-414A-A1CE-E507B9BB809B", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8C4E5F36-434B-48E1-9715-4EEC22FB23D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "857B3A62-F808-4CA9-BFAD-C133D94CF531", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "25944BCA-3EEB-4396-AC8F-EF58834BC47E", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "A7D226F1-6513-4233-BE20-58D7AB24978F", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "B33B2082-E040-4799-A260-BA687ED8614E", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "A85766A4-2181-4719-ADCF-4FEA0031DB80", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "D2E93EE3-DB73-468E-87CA-4D277F283648", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "ADB01A61-1924-417F-8A75-9FDF8F14F754", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "34D75E7F-B65F-421D-92EE-6B20756019C2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "DDE31583-1329-468C-87C9-BBB8FB5132B9", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0ACC0695-E62E-4748-AA8A-46772EB8C83C", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "1C0312FC-8178-46DE-B4EE-00F2895073BA", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "C9E574F6-34B6-45A6-911D-E5347DA22F69", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "BCF94129-8779-4D68-8DD4-B828CA633746", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "BA2E88AA-0523-48D0-8664-6AFDBCB6C940", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "BCF89E7C-806E-4800-BAA9-0225433B6C56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C8FF324E-8533-403A-BEA9-617A28033CC8", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "7CB146EF-CCAB-4194-9735-F8909E283308", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "1AD2C1D2-103E-4B0F-84AA-999F01E695F0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "855E91A4-0A0C-4E5C-8019-FB513A793803", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "FCCC2092-E109-4FF6-9B85-6C9434269851", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "8923BB93-96C1-417B-9172-4A81E731EBA2", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "274E34BF-82A5-4D9E-BC72-202193A47A5A", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7569977A-E567-4115-B00C-4B0CBA86582E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*", matchCriteriaId: "E097889C-175C-40A6-9DCF-2C03981D9349", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*", matchCriteriaId: "24B9912B-31F0-4265-8D61-0E6D46DA33DB", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "E142B175-0E9D-4051-A6B1-FF9E7583DFBA", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "9B131043-3C02-47CE-8D1C-BB29A20113E5", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "DCE4ACE8-1309-4631-9E34-A6032009B702", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "A70560C5-AEB5-4144-A0AA-10A63527B5C1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "8F2CE884-45CD-4EB8-8568-B3AEAB017361", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_dns:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "93674162-3A63-4F05-B68F-B7D54B0AAE98", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "80E2E5FE-217F-4267-AEB9-719E376D2FB0", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5EF737FD-7706-4536-912A-C22E0B2FE3C4", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "0594DBC5-8470-416C-A5EA-E04F5AB2C799", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "BD3A3BA6-6F60-45CA-8F52-687B671B077A", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "202B6870-718C-4F8D-9BAB-7ED6385BF2A7", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "EC6A3691-ADC4-44BC-8A11-D855B13EF128", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3914B25C-4E86-4C00-A199-4C9A99BA2EC4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "48D3CF2B-1D30-461B-836D-A16EAA15F5BC", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "C4A5CD9B-D257-4EC9-8C57-D9552C2FFFFC", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "AB017D7A-3290-4EF5-9647-B488771A5F32", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4F316C54-FAE4-48D8-9E40-ED358C30BF24", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E2C4414E-8016-48B5-8CC3-F97FF2D85922", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "A5AB7A86-4C18-4FCA-90A0-BA9116FF31C3", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "BDE77CCE-7F97-48EA-A9D3-090B1481616F", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "4D379372-A226-4230-B1F3-04C696518BD8", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "22FAC35D-2803-49B0-9382-F14594B88FC5", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "3C72257B-FF99-4707-A0E3-316D538B1CF6", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "42821916-E601-4831-B37B-3202ACF2C562", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "8552AED4-DC7B-4DA1-AD49-9AD856A69DC1", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", matchCriteriaId: "57010E5E-5940-4DDA-AD56-D646D54084AA", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "B45F50EB-D059-4251-AF03-DEC2F306C74C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "50A13328-66C1-4D9D-8E46-754401D5F457", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "E94FCC0F-5505-4123-B3FA-ACB90DDE276E", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "22A30CF4-7D0D-46A6-A2F4-8DC0C1AA4480", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "38245250-AE45-456F-9C40-A073AED930C6", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B2E56D76-1A89-46AB-9C17-CB24662FFDE7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "C6A378E8-5AD0-4640-A236-1B4655D2CDDC", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "2669BE56-A3EF-4080-A6FE-4565A85BD954", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "917BA1D9-2C47-41BE-80AF-05F5AC855945", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "D99A75D8-A712-4075-B4C2-F2AB36892619", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "0FB83BA4-2C5B-4742-8AD8-9541EB04CED5", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "BE5B11F8-1F6A-4A41-BEDE-F03BD179C443", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "6E38A7F6-B7DB-4F25-95A8-7D1DD6711FBD", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "4D3374BE-6A37-48B5-83D4-D61558A8433E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "E84D701A-96D1-43A8-B87C-0BAA6912F16E", versionEndIncluding: "11.6.1", versionStartIncluding: "11.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "2C4A4202-DBAD-4717-80E5-B6818551B20F", versionEndIncluding: "12.1.2", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:11.5.0:*:*:*:*:*:*:*", matchCriteriaId: "E47077D8-80F4-4919-913B-AC6B7CA1CEE2", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:11.5.1:*:*:*:*:*:*:*", matchCriteriaId: "6A860AAB-4E19-42C4-B37D-6043C24A3E85", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:11.5.2:*:*:*:*:*:*:*", matchCriteriaId: "67D62C27-F5CE-455A-A683-1F71E3275183", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:11.5.3:*:*:*:*:*:*:*", matchCriteriaId: "CFF200B2-C3A2-4A64-BDB7-62BA4BD865EF", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:11.5.4:*:*:*:*:*:*:*", matchCriteriaId: "E3B2FD88-64B9-4B51-BB79-0C075CAA8362", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:13.0.0:*:*:*:*:*:*:*", matchCriteriaId: "7E703FAB-BFCD-47A1-94BD-DD63879DE883", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, 12.0.0 - 12.1.2, 11.6.0 - 11.6.1 and 11.5.0 - 11.5.4, in some circumstances, Traffic Management Microkernel (TMM) does not properly handle certain malformed TLS1.2 records, which allows remote attackers to cause a denial-of-service (DoS) or possible remote command execution on the BIG-IP system.", }, { lang: "es", value: "En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator y WebSafe en las versiones de software 13.0.0, de la 12.0.0 a la 12.1.2, de la 11.6.0 a la 11.6.1 y de la 11.5.0 a la 11.5.5.4, en algunas circunstancias, Traffic Management Microkernel (TMM) no maneja correctamente determinados registros TLS1.2 mal formados, lo que permite a los atacantes remotos causar una denegación de servicio (DoS) o, posiblemente, ejecutar comandos remotos en el sistema BIG-IP.", }, ], id: "CVE-2017-6164", lastModified: "2024-11-21T03:29:10.703", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-12-21T17:29:00.683", references: [ { source: "f5sirt@f5.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040054", }, { source: "f5sirt@f5.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K02714910", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040054", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://support.f5.com/csp/article/K02714910", }, ], sourceIdentifier: "f5sirt@f5.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }