var-201709-0914
Vulnerability from variot
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe 12.1.2-HF1 and 13.0.0, an undisclosed type of responses may cause TMM to restart, causing an interruption of service when "SSL Forward Proxy" setting is enabled in both the Client and Server SSL profiles assigned to a BIG-IP Virtual Server. plural F5 BIG-IP The product contains an access control vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Multiple F5 BIG-IP products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to restart the device, resulting in denial-of-service condition. F5 BIG-IP Analytics and others are products of F5 Corporation of the United States. F5 BIG-IP Analytics is a suite of web application performance analysis software. APM is a set of solutions that provide secure and unified access to business-critical applications and networks. LTM is a local traffic manager. An attacker could exploit this vulnerability with a sequence of requests to cause a denial of service (Traffic Management Microkernel restart and traffic interruption). The following products and versions are affected: F5 BIG-IP LTM Release 13.0.0, Release 12.1.2 HF1; BIG-IP AAM Release 13.0.0, Release 12.1.2 HF1; BIG-IP AFM Release 13.0.0, Release 12.1.2 HF1 version; BIG-IP Analytics version 13.0.0, 12.1.2 HF1 version; BIG-IP APM version 13.0.0, 12.1.2 HF1 version; BIG-IP ASM version 13.0.0, 12.1.2 HF1 version; IP DNS Version 13.0.0, Version 12.1.2 HF1; BIG-IP Link Controller Version 13.0.0, Version 12.1.2 HF1; BIG-IP PEM Version 13.0.0, Version 12.1.2 HF1; BIG-IP WebSafe 13.0. 0 version, 12.1.2 HF1 version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-0914",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip websafe",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip websafe",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip access policy manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip advanced firewall manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip analytics",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip application acceleration manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip application security manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip domain name system",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip link controller",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip local traffic manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip policy enforcement manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip websafe",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip websafe",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.0"
},
{
"model": "big-ip websafe hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.0"
},
{
"model": "big-ip pem hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.0"
},
{
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.0"
},
{
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.0"
},
{
"model": "big-ip dns hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.0"
},
{
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.0"
},
{
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.0"
},
{
"model": "big-ip analytics hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.0"
},
{
"model": "big-ip afm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "13.0"
},
{
"model": "big-ip aam hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip websafe",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip websafe",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip websafe hf2",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip websafe hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip websafe",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip websafe hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip websafe hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip websafe hf2",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip websafe hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip websafe",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip pem hf2",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip pem hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip pem hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip pem hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip pem hf2",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip pem hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip ltm hf2",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip ltm hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip ltm hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip ltm build",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip ltm hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip ltm hf2",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip ltm hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip link controller hf2",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip link controller hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip link controller hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip link controller hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip link controller hf2",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip link controller build",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip link controller hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip dns hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip dns hf2",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip dns build",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"model": "big-ip dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip dns hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip asm hf2",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip asm hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip asm hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip asm hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip asm hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip asm hf2",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip asm hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip apm hf2",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip apm hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip apm hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip apm hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip apm hf2",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip apm build",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip apm hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip analytics build",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip analytics hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip analytics hf2",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip analytics hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.2"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip afm hf2",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip afm hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip afm hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip afm build",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip afm hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip afm hf2",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip afm hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
}
],
"sources": [
{
"db": "BID",
"id": "100981"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008410"
},
{
"db": "NVD",
"id": "CVE-2017-6147"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-773"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:12.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:12.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_websafe:12.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6147"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "100981"
}
],
"trust": 0.3
},
"cve": "CVE-2017-6147",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-6147",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-114350",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 5.9,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-6147",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-6147",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201702-773",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-114350",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114350"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008410"
},
{
"db": "NVD",
"id": "CVE-2017-6147"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-773"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe 12.1.2-HF1 and 13.0.0, an undisclosed type of responses may cause TMM to restart, causing an interruption of service when \"SSL Forward Proxy\" setting is enabled in both the Client and Server SSL profiles assigned to a BIG-IP Virtual Server. plural F5 BIG-IP The product contains an access control vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Multiple F5 BIG-IP products are prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to restart the device, resulting in denial-of-service condition. F5 BIG-IP Analytics and others are products of F5 Corporation of the United States. F5 BIG-IP Analytics is a suite of web application performance analysis software. APM is a set of solutions that provide secure and unified access to business-critical applications and networks. LTM is a local traffic manager. An attacker could exploit this vulnerability with a sequence of requests to cause a denial of service (Traffic Management Microkernel restart and traffic interruption). The following products and versions are affected: F5 BIG-IP LTM Release 13.0.0, Release 12.1.2 HF1; BIG-IP AAM Release 13.0.0, Release 12.1.2 HF1; BIG-IP AFM Release 13.0.0, Release 12.1.2 HF1 version; BIG-IP Analytics version 13.0.0, 12.1.2 HF1 version; BIG-IP APM version 13.0.0, 12.1.2 HF1 version; BIG-IP ASM version 13.0.0, 12.1.2 HF1 version; IP DNS Version 13.0.0, Version 12.1.2 HF1; BIG-IP Link Controller Version 13.0.0, Version 12.1.2 HF1; BIG-IP PEM Version 13.0.0, Version 12.1.2 HF1; BIG-IP WebSafe 13.0. 0 version, 12.1.2 HF1 version",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6147"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008410"
},
{
"db": "BID",
"id": "100981"
},
{
"db": "VULHUB",
"id": "VHN-114350"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-6147",
"trust": 2.8
},
{
"db": "BID",
"id": "100981",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008410",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201702-773",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-114350",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114350"
},
{
"db": "BID",
"id": "100981"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008410"
},
{
"db": "NVD",
"id": "CVE-2017-6147"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-773"
}
]
},
"id": "VAR-201709-0914",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-114350"
}
],
"trust": 0.52026261
},
"last_update_date": "2023-12-18T13:08:42.748000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "K43945001",
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k43945001"
},
{
"title": "Multiple F5 Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=99650"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008410"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-773"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114350"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008410"
},
{
"db": "NVD",
"id": "CVE-2017-6147"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://support.f5.com/csp/article/k43945001"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/100981"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6147"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6147"
},
{
"trust": 0.3,
"url": "http://www.f5.com/products/big-ip/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-114350"
},
{
"db": "BID",
"id": "100981"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008410"
},
{
"db": "NVD",
"id": "CVE-2017-6147"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-773"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-114350"
},
{
"db": "BID",
"id": "100981"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008410"
},
{
"db": "NVD",
"id": "CVE-2017-6147"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-773"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-18T00:00:00",
"db": "VULHUB",
"id": "VHN-114350"
},
{
"date": "2017-09-20T00:00:00",
"db": "BID",
"id": "100981"
},
{
"date": "2017-10-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008410"
},
{
"date": "2017-09-18T17:29:01.907000",
"db": "NVD",
"id": "CVE-2017-6147"
},
{
"date": "2017-02-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-773"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-114350"
},
{
"date": "2017-09-20T00:00:00",
"db": "BID",
"id": "100981"
},
{
"date": "2017-10-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008410"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-6147"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-773"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-773"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural F5 BIG-IP Access control vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008410"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-773"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.