cve-2017-6163
Vulnerability from cvelistv5
Published
2017-10-27 14:00
Modified
2024-09-16 20:37
Severity ?
EPSS score ?
Summary
In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams beyond the advertised limit can cause a disruption of service. Remote client initiating stream beyond the advertised limit can cause a disruption of service. The Traffic Management Microkernel (TMM) data plane is exposed to this issue; the control plane is not exposed.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | http://www.securityfocus.com/bid/101606 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | http://www.securitytracker.com/id/1039671 | Third Party Advisory, VDB Entry | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K22541983 | Vendor Advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:18:49.907Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039671",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039671"
},
{
"name": "101606",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101606"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K22541983"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "12.0.0 - 12.1.2"
},
{
"status": "affected",
"version": "11.6.0 \u0026#xe2"
},
{
"status": "affected",
"version": "\u0026#x80"
},
{
"status": "affected",
"version": "\" 11.6.1"
},
{
"status": "affected",
"version": "11.4.0 \u0026#xe2"
},
{
"status": "affected",
"version": "\" 11.5.4"
}
]
}
],
"datePublic": "2017-10-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams beyond the advertised limit can cause a disruption of service. Remote client initiating stream beyond the advertised limit can cause a disruption of service. The Traffic Management Microkernel (TMM) data plane is exposed to this issue; the control plane is not exposed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-01T09:57:01",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"name": "1039671",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039671"
},
{
"name": "101606",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101606"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K22541983"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"DATE_PUBLIC": "2017-10-26T00:00:00",
"ID": "CVE-2017-6163",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM",
"version": {
"version_data": [
{
"version_value": "12.0.0 - 12.1.2"
},
{
"version_value": "11.6.0 \u0026#xe2"
},
{
"version_value": "\u0026#x80"
},
{
"version_value": "\" 11.6.1"
},
{
"version_value": "11.4.0 \u0026#xe2"
},
{
"version_value": "\u0026#x80"
},
{
"version_value": "\" 11.5.4"
}
]
}
}
]
},
"vendor_name": "F5 Networks, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams beyond the advertised limit can cause a disruption of service. Remote client initiating stream beyond the advertised limit can cause a disruption of service. The Traffic Management Microkernel (TMM) data plane is exposed to this issue; the control plane is not exposed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039671",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039671"
},
{
"name": "101606",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101606"
},
{
"name": "https://support.f5.com/csp/article/K22541983",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K22541983"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2017-6163",
"datePublished": "2017-10-27T14:00:00Z",
"dateReserved": "2017-02-21T00:00:00",
"dateUpdated": "2024-09-16T20:37:49.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-6163\",\"sourceIdentifier\":\"f5sirt@f5.com\",\"published\":\"2017-10-27T14:29:00.483\",\"lastModified\":\"2017-11-16T19:18:50.640\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams beyond the advertised limit can cause a disruption of service. Remote client initiating stream beyond the advertised limit can cause a disruption of service. The Traffic Management Microkernel (TMM) data plane is exposed to this issue; the control plane is not exposed.\"},{\"lang\":\"es\",\"value\":\"En F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM en versiones de software de la 12.0.0 a la 12.1.2, de la 11.6.0 a la 11.6.1 y de la 11.4.0 a la 11.5.4, cuando un servidor virtual utiliza la configuraci\u00f3n est\u00e1ndar de los perfiles SPDY o HTTP/2 con un perfil Client SSL y el cliente inicia un n\u00famero de transmisiones concurrentes superior al l\u00edmite establecido, se puede provocar una interrupci\u00f3n del servicio. El cliente remoto que inicia una transmisi\u00f3n m\u00e1s all\u00e1 del l\u00edmite establecido puede provocar una interrupci\u00f3n del servicio. El plano de datos del TMM (Traffic Management Kernel) est\u00e1 expuesto a este problema. El plano de control no est\u00e1 expuesto.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":4.3},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.4.0\",\"versionEndIncluding\":\"11.5.3\",\"matchCriteriaId\":\"D5D5E66B-9666-4B6D-BB8B-B640188968E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FF5A5F6-4BA3-4276-8679-B5560EACF2E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2B502F2-404C-463B-B6BE-87489DC881F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A82C7B1C-E195-4D94-B604-78FB464C4F81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F6C3144-D0DE-4248-BFCD-04A7E6104044\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0357B5ED-0600-4756-93E5-692987068596\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.4.0\",\"versionEndIncluding\":\"11.5.4\",\"matchCriteriaId\":\"DBBAEB39-4C78-483E-B60D-CE3607C65389\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5B40837-EC2B-41FB-ACC3-806054EAF28C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48BE0210-7058-462A-BA17-845D3E4F52FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CA2FA6B-3930-432F-8FB5-E73604CEFE42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECA90FB8-E2CD-400F-B753-1B482E7FAC96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FEC804B-35DB-4A0C-9AEA-15527E0CC1B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEB228A9-0C01-4531-B2B2-38BB7B0E02E9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.4.0\",\"versionEndIncluding\":\"11.5.4\",\"matchCriteriaId\":\"26066159-46E1-4D70-A03A-EB9A167ABC92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B276E4DF-69FC-4158-B93A-781A45605034\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBAB92C5-2D50-49CC-AECA-0D16BC44A788\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"532AAF54-64EF-4852-B4F1-D5E660463704\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC827031-CA39-4081-8CE0-30EAC78DF756\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7569903B-3A15-4A10-863B-6828337DD268\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45825991-D17D-42F1-87B4-7DF86B098B45\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.0\",\"versionEndIncluding\":\"11.5.4\",\"matchCriteriaId\":\"7ADD8BEA-9FFF-467F-92E9-C855B439936E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFA77C6B-72DB-4D57-87CF-11F2C7EDB828\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E33BCA5B-CE91-451C-9821-2023A9E461C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCD2044C-AC6F-4145-B1A0-8EB26DCF1F8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FC866D4-CE8C-4408-AD1E-8643AC554CC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7563D979-BE37-4251-B92E-0DBDBE53F3FF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.0\",\"versionEndIncluding\":\"11.5.4\",\"matchCriteriaId\":\"6E722C9E-034C-4905-8C6F-48DB78DEFCE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"475F0EF8-42CB-4099-9C4A-390F946C4924\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94DBCD7A-E4DA-4C08-87A4-960CF53A83E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62B0A70A-D101-443E-A543-5EC35E23D66F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DB2118A-0F9C-4273-BB07-85FEA32C785B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8541C9EF-69A8-4641-B173-3BCE0EDD20A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E24A3C71-0075-4738-B114-267337D050CD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.0\",\"versionEndIncluding\":\"11.5.4\",\"matchCriteriaId\":\"4BA07A5E-D649-4725-9E2B-5BF496296151\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CDEC701-DAB3-4D92-AA67-B886E6693E46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C641B4F-DCFF-4A1B-9E00-EDF18A270241\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E90C12AF-44BA-44A2-89ED-0C2497EEC8A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBBB6E7C-DA1A-479F-9DD2-DE0C3CA82E92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:12.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4913B437-33FF-4B5E-A855-9DA00B35E3B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:12.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDCFE65B-340B-4F7D-93A1-4390BBC8E67F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.0\",\"versionEndIncluding\":\"11.5.4\",\"matchCriteriaId\":\"8A89726B-93EB-4F49-B395-017CA90F1399\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1EA4F45-35F7-4687-8D1A-A5ACD846500A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23FF9627-E561-4CF7-A685-6E33D2F6C98C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64273A2C-E5A1-4605-92DD-EBECC7F051D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E60CA151-1C3A-45B3-B939-E6F80063C595\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58BAD5A9-9C67-4056-9344-07C8C42C8E88\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*\",\"versionStartExcluding\":\"11.4.0\",\"versionEndIncluding\":\"11.5.4\",\"matchCriteriaId\":\"8D95A60B-FD05-4701-A2F8-CA675416A41D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_protocol_security_module:11.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1A04AE2-1877-49DC-ACF2-FE741CBF9A60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_protocol_security_module:11.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B012CDE-BE1C-4F32-8500-B9E221CC53D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_protocol_security_module:12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E717BBE7-F15A-4B41-BEF8-43FC5E9F4E0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_protocol_security_module:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8574970-8827-4332-93AA-791AC582294E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_protocol_security_module:12.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E608782B-6330-4B14-8E40-4C906E9D6909\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_protocol_security_module:12.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FBDC10C-6594-4554-ABF8-A5F6B7576676\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/101606\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039671\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.f5.com/csp/article/K22541983\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.