cvelistv5 - cve-2016-7472

cve-2016-7472

Vulnerability from cvelistv5

Published

2018-04-03 13:00

Modified

2024-09-17 01:50

Severity ?

Summary

F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request.

References

URL	Tags
f5sirt@f5.com	http://www.securityfocus.com/bid/94260	Third Party Advisory, VDB Entry
f5sirt@f5.com	http://www.securityfocus.com/bid/97168	Third Party Advisory, VDB Entry
f5sirt@f5.com	http://www.securitytracker.com/id/1037275	Third Party Advisory, VDB Entry
f5sirt@f5.com	https://support.f5.com/csp/article/K17119920	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/94260	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/97168	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1037275	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K17119920	Vendor Advisory

Impacted products

Vendor

Product

Version

▼

F5 Networks, Inc.

BIG-IP ASM

Version: 12.1.0 - 12.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.650Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K17119920"
          },
          {
            "name": "1037275",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037275"
          },
          {
            "name": "94260",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94260"
          },
          {
            "name": "97168",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/97168"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP ASM",
          "vendor": "F5 Networks, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "12.1.0 - 12.1.1"
            }
          ]
        }
      ],
      "datePublic": "2016-11-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "BIG-IP ASM vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-04T09:57:01",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K17119920"
        },
        {
          "name": "1037275",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037275"
        },
        {
          "name": "94260",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94260"
        },
        {
          "name": "97168",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/97168"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "DATE_PUBLIC": "2016-11-09T00:00:00",
          "ID": "CVE-2016-7472",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP ASM",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "12.1.0 - 12.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5 Networks, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "BIG-IP ASM vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K17119920",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K17119920"
            },
            {
              "name": "1037275",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037275"
            },
            {
              "name": "94260",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/94260"
            },
            {
              "name": "97168",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/97168"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2016-7472",
    "datePublished": "2018-04-03T13:00:00Z",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-09-17T01:50:32.618Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DB2118A-0F9C-4273-BB07-85FEA32C785B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8541C9EF-69A8-4641-B173-3BCE0EDD20A8\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request.\"}, {\"lang\": \"es\", \"value\": \"F5 BIG-IP ASM, de la versi\\u00f3n 12.1.0 a la 12.1.1, podr\\u00eda permitir que atacantes remotos provoquen una denegaci\\u00f3n de servicio (DoS) mediante una petici\\u00f3n HTTP manipulada.\"}]",
      "id": "CVE-2016-7472",
      "lastModified": "2024-11-21T02:58:04.227",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-04-03T13:29:00.230",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/94260\", \"source\": \"f5sirt@f5.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/97168\", \"source\": \"f5sirt@f5.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1037275\", \"source\": \"f5sirt@f5.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.f5.com/csp/article/K17119920\", \"source\": \"f5sirt@f5.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/94260\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/97168\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1037275\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.f5.com/csp/article/K17119920\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "f5sirt@f5.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-7472\",\"sourceIdentifier\":\"f5sirt@f5.com\",\"published\":\"2018-04-03T13:29:00.230\",\"lastModified\":\"2024-11-21T02:58:04.227\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request.\"},{\"lang\":\"es\",\"value\":\"F5 BIG-IP ASM, de la versi\u00f3n 12.1.0 a la 12.1.1, podr\u00eda permitir que atacantes remotos provoquen una denegaci\u00f3n de servicio (DoS) mediante una petici\u00f3n HTTP manipulada.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DB2118A-0F9C-4273-BB07-85FEA32C785B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8541C9EF-69A8-4641-B173-3BCE0EDD20A8\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/94260\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/97168\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037275\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.f5.com/csp/article/K17119920\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94260\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/97168\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037275\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.f5.com/csp/article/K17119920\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

gsd-2016-7472

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request.

Aliases

CVE-2016-7472

Aliases

CVE-2016-7472

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-7472",
    "description": "F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request.",
    "id": "GSD-2016-7472"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-7472"
      ],
      "details": "F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request.",
      "id": "GSD-2016-7472",
      "modified": "2023-12-13T01:21:20.942592Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "f5sirt@f5.com",
        "DATE_PUBLIC": "2016-11-09T00:00:00",
        "ID": "CVE-2016-7472",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "BIG-IP ASM",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "12.1.0 - 12.1.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "F5 Networks, Inc."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "BIG-IP ASM vulnerability"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://support.f5.com/csp/article/K17119920",
            "refsource": "CONFIRM",
            "url": "https://support.f5.com/csp/article/K17119920"
          },
          {
            "name": "1037275",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1037275"
          },
          {
            "name": "94260",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/94260"
          },
          {
            "name": "97168",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/97168"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2016-7472"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K17119920",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.f5.com/csp/article/K17119920"
            },
            {
              "name": "1037275",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1037275"
            },
            {
              "name": "97168",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/97168"
            },
            {
              "name": "94260",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/94260"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2018-05-10T13:11Z",
      "publishedDate": "2018-04-03T13:29Z"
    }
  }
}

ghsa-863x-3737-h6q4

Vulnerability from github

Published

2022-05-14 03:24

Modified

2022-05-14 03:24

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-7472"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-04-03T13:29:00Z",
    "severity": "HIGH"
  },
  "details": "F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request.",
  "id": "GHSA-863x-3737-h6q4",
  "modified": "2022-05-14T03:24:59Z",
  "published": "2022-05-14T03:24:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7472"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K17119920"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/94260"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/97168"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1037275"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

cve-2016-7472

Vulnerability from fkie_nvd

Published

2018-04-03 13:29

Modified

2024-11-21 02:58

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request.

References

URL	Tags
f5sirt@f5.com	http://www.securityfocus.com/bid/94260	Third Party Advisory, VDB Entry
f5sirt@f5.com	http://www.securityfocus.com/bid/97168	Third Party Advisory, VDB Entry
f5sirt@f5.com	http://www.securitytracker.com/id/1037275	Third Party Advisory, VDB Entry
f5sirt@f5.com	https://support.f5.com/csp/article/K17119920	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/94260	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/97168	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1037275	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K17119920	Vendor Advisory

Impacted products

	Vendor	Product	Version
	f5	big-ip_application_security_manager	12.1.0
	f5	big-ip_application_security_manager	12.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB2118A-0F9C-4273-BB07-85FEA32C785B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8541C9EF-69A8-4641-B173-3BCE0EDD20A8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request."
    },
    {
      "lang": "es",
      "value": "F5 BIG-IP ASM, de la versi\u00f3n 12.1.0 a la 12.1.1, podr\u00eda permitir que atacantes remotos provoquen una denegaci\u00f3n de servicio (DoS) mediante una petici\u00f3n HTTP manipulada."
    }
  ],
  "id": "CVE-2016-7472",
  "lastModified": "2024-11-21T02:58:04.227",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-03T13:29:00.230",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94260"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97168"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037275"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K17119920"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94260"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97168"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037275"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K17119920"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request. F5 BIG-IP ASM Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. F5 BIG-IP ASM is prone to a remote denial-of-service vulnerability. A remote attacker can exploit this issue to cause a denial-of-service condition. BIG-IP ASM 12.1.0 and 12.1.1 are vulnerable. F5 BIG-IP ASM (Application Security Manager) is a Web Application Firewall (WAF) of F5 Corporation in the United States. It provides secure remote access, protects emails, simplifies Web access control, and enhances network and application performance

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201804-0241",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "big-ip application security manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "f5",
        "version": "12.1.1"
      },
      {
        "model": "big-ip application security manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "f5",
        "version": "12.1.0"
      },
      {
        "model": "big-ip application security manager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "f5",
        "version": "12.1.0 to  12.1.1"
      },
      {
        "model": "big-ip asm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "12.1.1"
      },
      {
        "model": "big-ip asm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "12.1.0"
      },
      {
        "model": "big-ip asm",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "12.0"
      },
      {
        "model": "big-ip asm",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.6.1"
      },
      {
        "model": "big-ip asm hf8",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.6"
      },
      {
        "model": "big-ip asm hf7",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.6"
      },
      {
        "model": "big-ip asm hf6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.6"
      },
      {
        "model": "big-ip asm hf2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.5.4"
      },
      {
        "model": "big-ip asm hf1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.5.4"
      },
      {
        "model": "big-ip asm hf2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.5.3"
      },
      {
        "model": "big-ip asm",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.5.3"
      },
      {
        "model": "big-ip asm",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.5.2"
      },
      {
        "model": "big-ip asm hf11",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.5.1"
      },
      {
        "model": "big-ip asm hf10",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.5.1"
      },
      {
        "model": "big-ip asm",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.5.1"
      },
      {
        "model": "big-ip asm",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.5"
      },
      {
        "model": "big-ip asm hf6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.4.1"
      },
      {
        "model": "big-ip asm hf5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.4.1"
      },
      {
        "model": "big-ip asm hf4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.4.1"
      },
      {
        "model": "big-ip asm hf3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.4.1"
      },
      {
        "model": "big-ip asm hf2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.4.1"
      },
      {
        "model": "big-ip asm hf1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.4.1"
      },
      {
        "model": "big-ip asm hf9",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.4"
      },
      {
        "model": "big-ip asm hf8",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.4"
      },
      {
        "model": "big-ip asm hf10",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.4"
      },
      {
        "model": "big-ip asm",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.4"
      },
      {
        "model": "big-ip asm",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.2.4"
      },
      {
        "model": "big-ip asm",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.2.3"
      },
      {
        "model": "big-ip asm",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.2.2"
      },
      {
        "model": "big-ip asm",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.2.1"
      },
      {
        "model": "big-ip asm hf1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "12.1.1"
      },
      {
        "model": "big-ip asm hf5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.6.0"
      },
      {
        "model": "big-ip asm hf4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.6.0"
      },
      {
        "model": "big-ip asm",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.6.0"
      },
      {
        "model": "big-ip asm",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.5.4"
      },
      {
        "model": "big-ip asm hf1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.5.3"
      },
      {
        "model": "big-ip asm hf9",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.4.1"
      },
      {
        "model": "big-ip asm hf8",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.4.1"
      },
      {
        "model": "big-ip asm hf10",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.4.1"
      },
      {
        "model": "big-ip asm",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.4.1"
      },
      {
        "model": "big-ip asm",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "f5",
        "version": "11.2.1"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "94260"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-009009"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7472"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-366"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-7472"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported the issue.",
    "sources": [
      {
        "db": "BID",
        "id": "94260"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-7472",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-7472",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-96292",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-7472",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-7472",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201611-366",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-96292",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-96292"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-009009"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7472"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-366"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request. F5 BIG-IP ASM Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. F5 BIG-IP ASM is prone to a remote denial-of-service vulnerability. \nA remote attacker can exploit this issue to cause a denial-of-service condition. \nBIG-IP ASM 12.1.0 and 12.1.1 are vulnerable. F5 BIG-IP ASM (Application Security Manager) is a Web Application Firewall (WAF) of F5 Corporation in the United States. It provides secure remote access, protects emails, simplifies Web access control, and enhances network and application performance",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-7472"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-009009"
      },
      {
        "db": "BID",
        "id": "94260"
      },
      {
        "db": "VULHUB",
        "id": "VHN-96292"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-7472",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "94260",
        "trust": 2.0
      },
      {
        "db": "BID",
        "id": "97168",
        "trust": 1.1
      },
      {
        "db": "SECTRACK",
        "id": "1037275",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-009009",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-366",
        "trust": 0.7
      },
      {
        "db": "NSFOCUS",
        "id": "36250",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-96292",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-96292"
      },
      {
        "db": "BID",
        "id": "94260"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-009009"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7472"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-366"
      }
    ]
  },
  "id": "VAR-201804-0241",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-96292"
      }
    ],
    "trust": 0.55944443
  },
  "last_update_date": "2023-12-18T12:37:29.478000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "K17119920",
        "trust": 0.8,
        "url": "https://support.f5.com/csp/article/k17119920"
      },
      {
        "title": "F5 BIG-IP ASM Remediation measures for remote denial of service vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65725"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-009009"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-366"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-96292"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-009009"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7472"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/94260"
      },
      {
        "trust": 1.7,
        "url": "https://support.f5.com/csp/article/k17119920"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/97168"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1037275"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7472"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-7472"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/36250"
      },
      {
        "trust": 0.3,
        "url": "http://www.f5.com/products/big-ip/"
      },
      {
        "trust": 0.3,
        "url": "https://support.f5.com/kb/en-us/solutions/public/k/17/sol17119920.html"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-96292"
      },
      {
        "db": "BID",
        "id": "94260"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-009009"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7472"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-366"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-96292"
      },
      {
        "db": "BID",
        "id": "94260"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-009009"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7472"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-366"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-04-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-96292"
      },
      {
        "date": "2016-11-09T00:00:00",
        "db": "BID",
        "id": "94260"
      },
      {
        "date": "2018-06-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-009009"
      },
      {
        "date": "2018-04-03T13:29:00.230000",
        "db": "NVD",
        "id": "CVE-2016-7472"
      },
      {
        "date": "2016-11-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201611-366"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-05-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-96292"
      },
      {
        "date": "2016-11-24T01:09:00",
        "db": "BID",
        "id": "94260"
      },
      {
        "date": "2018-06-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-009009"
      },
      {
        "date": "2018-05-10T13:11:32.053000",
        "db": "NVD",
        "id": "CVE-2016-7472"
      },
      {
        "date": "2018-12-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201611-366"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-366"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "F5 BIG-IP ASM Input validation vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-009009"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-366"
      }
    ],
    "trust": 1.4
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-366"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2016-7472

Vulnerability from cvelistv5

gsd-2016-7472

Vulnerability from gsd

ghsa-863x-3737-h6q4

Vulnerability from github

cve-2016-7472

Vulnerability from fkie_nvd

var-201804-0241

Vulnerability from variot

Tags

Sightings

Nomenclature