fkie_cve-2017-6161
Vulnerability from fkie_nvd
Published
2017-10-27 14:29
Modified
2024-11-21 03:29
Severity ?
5.3 (Medium) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. This vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack via resource exhaustion.
References
f5sirt@f5.comhttp://www.securityfocus.com/bid/101636Third Party Advisory, VDB Entry
f5sirt@f5.comhttp://www.securitytracker.com/id/1039675Third Party Advisory, VDB Entry
f5sirt@f5.comhttp://www.securitytracker.com/id/1039676Third Party Advisory, VDB Entry
f5sirt@f5.comhttps://support.f5.com/csp/article/K62279530Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/101636Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039675Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039676Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K62279530Vendor Advisory
Impacted products
Vendor Product Version
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager 11.2.1
f5 big-ip_local_traffic_manager 11.6.0
f5 big-ip_local_traffic_manager 11.6.1
f5 big-ip_local_traffic_manager 12.0.0
f5 big-ip_local_traffic_manager 12.1.0
f5 big-ip_local_traffic_manager 12.1.1
f5 big-ip_local_traffic_manager 12.1.2
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager 11.2.1
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_application_acceleration_manager 11.6.1
f5 big-ip_application_acceleration_manager 12.0.0
f5 big-ip_application_acceleration_manager 12.1.0
f5 big-ip_application_acceleration_manager 12.1.1
f5 big-ip_application_acceleration_manager 12.1.2
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager 11.2.1
f5 big-ip_advanced_firewall_manager 11.6.0
f5 big-ip_advanced_firewall_manager 11.6.1
f5 big-ip_advanced_firewall_manager 12.0.0
f5 big-ip_advanced_firewall_manager 12.1.0
f5 big-ip_advanced_firewall_manager 12.1.1
f5 big-ip_advanced_firewall_manager 12.1.2
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager 11.2.1
f5 big-ip_access_policy_manager 11.6.0
f5 big-ip_access_policy_manager 11.6.1
f5 big-ip_access_policy_manager 12.0.0
f5 big-ip_access_policy_manager 12.1.0
f5 big-ip_access_policy_manager 12.1.1
f5 big-ip_access_policy_manager 12.1.2
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager 11.2.1
f5 big-ip_application_security_manager 11.6.0
f5 big-ip_application_security_manager 11.6.1
f5 big-ip_application_security_manager 12.0.0
f5 big-ip_application_security_manager 12.1.0
f5 big-ip_application_security_manager 12.1.1
f5 big-ip_application_security_manager 12.1.2
f5 big-ip_link_controller *
f5 big-ip_link_controller 11.2.1
f5 big-ip_link_controller 11.6.0
f5 big-ip_link_controller 11.6.1
f5 big-ip_link_controller 12.0.0
f5 big-ip_link_controller 12.1.0
f5 big-ip_link_controller 12.1.1
f5 big-ip_link_controller 12.1.2
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager 11.2.1
f5 big-ip_policy_enforcement_manager 11.6.0
f5 big-ip_policy_enforcement_manager 11.6.1
f5 big-ip_policy_enforcement_manager 12.0.0
f5 big-ip_policy_enforcement_manager 12.1.0
f5 big-ip_policy_enforcement_manager 12.1.1
f5 big-ip_policy_enforcement_manager 12.1.2
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system 11.2.1
f5 big-ip_domain_name_system 11.6.0
f5 big-ip_domain_name_system 11.6.1
f5 big-ip_domain_name_system 12.0.0
f5 big-ip_domain_name_system 12.1.0
f5 big-ip_domain_name_system 12.1.1
f5 big-ip_domain_name_system 12.1.2
f5 big-ip_edge_gateway 11.2.1
f5 big-ip_edge_gateway 11.4.0
f5 big-ip_edge_gateway 11.4.1
f5 big-ip_edge_gateway 11.5.0
f5 big-ip_edge_gateway 11.5.1
f5 big-ip_edge_gateway 11.5.2
f5 big-ip_edge_gateway 11.5.3
f5 big-ip_edge_gateway 11.5.4
f5 big-ip_edge_gateway 11.5.5
f5 big-ip_edge_gateway 11.6.0
f5 big-ip_edge_gateway 11.6.1
f5 big-ip_edge_gateway 12.0.0
f5 big-ip_edge_gateway 12.1.0
f5 big-ip_edge_gateway 12.1.1
f5 big-ip_edge_gateway 12.1.2
f5 big-ip_global_traffic_manager 11.2.1
f5 big-ip_global_traffic_manager 11.4.0
f5 big-ip_global_traffic_manager 11.4.1
f5 big-ip_global_traffic_manager 11.5.0
f5 big-ip_global_traffic_manager 11.5.1
f5 big-ip_global_traffic_manager 11.5.2
f5 big-ip_global_traffic_manager 11.5.3
f5 big-ip_global_traffic_manager 11.5.4
f5 big-ip_global_traffic_manager 11.6.0
f5 big-ip_global_traffic_manager 11.6.1
f5 big-ip_global_traffic_manager 12.0.0
f5 big-ip_global_traffic_manager 12.1.0
f5 big-ip_global_traffic_manager 12.1.1
f5 big-ip_global_traffic_manager 12.1.2
f5 big-ip_webaccelerator 11.2.1
f5 big-ip_webaccelerator 11.4.0
f5 big-ip_webaccelerator 11.4.1
f5 big-ip_webaccelerator 11.5.0
f5 big-ip_webaccelerator 11.5.1
f5 big-ip_webaccelerator 11.5.2
f5 big-ip_webaccelerator 11.5.3
f5 big-ip_webaccelerator 11.5.4
f5 big-ip_webaccelerator 11.5.5
f5 big-ip_webaccelerator 11.6.0
f5 big-ip_webaccelerator 11.6.1
f5 big-ip_webaccelerator 11.6.2
f5 big-ip_webaccelerator 12.0.0
f5 big-ip_webaccelerator 12.1.0
f5 big-ip_webaccelerator 12.1.1
f5 big-ip_webaccelerator 12.1.2


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACDEDBC9-73B5-409D-A228-7106AFB705DA",
              "versionEndIncluding": "11.5.4",
              "versionStartIncluding": "11.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EA336A-8055-4DA8-8F79-07C4ADE83E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82C7B1C-E195-4D94-B604-78FB464C4F81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F6C3144-D0DE-4248-BFCD-04A7E6104044",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0357B5ED-0600-4756-93E5-692987068596",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA9C9391-E577-4A88-BA53-4DDAE6D3CA08",
              "versionEndIncluding": "11.5.4",
              "versionStartIncluding": "11.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "05EAC483-AD5B-41C2-98F1-A186E2DCB04E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BE0210-7058-462A-BA17-845D3E4F52FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECA90FB8-E2CD-400F-B753-1B482E7FAC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FEC804B-35DB-4A0C-9AEA-15527E0CC1B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEB228A9-0C01-4531-B2B2-38BB7B0E02E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B786919A-15D8-4A17-B0BE-3E4313CCFF63",
              "versionEndIncluding": "11.5.4",
              "versionStartIncluding": "11.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FDC1C0F-A00A-456C-AB51-CD139B15CB61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBAB92C5-2D50-49CC-AECA-0D16BC44A788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC827031-CA39-4081-8CE0-30EAC78DF756",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7569903B-3A15-4A10-863B-6828337DD268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "45825991-D17D-42F1-87B4-7DF86B098B45",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ADD8BEA-9FFF-467F-92E9-C855B439936E",
              "versionEndIncluding": "11.5.4",
              "versionStartIncluding": "11.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB630A86-FB84-4199-9E4D-38EB620806CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD2044C-AC6F-4145-B1A0-8EB26DCF1F8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FC866D4-CE8C-4408-AD1E-8643AC554CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7563D979-BE37-4251-B92E-0DBDBE53F3FF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E722C9E-034C-4905-8C6F-48DB78DEFCE0",
              "versionEndIncluding": "11.5.4",
              "versionStartIncluding": "11.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A635FEC4-4F52-4971-A67D-47E68108E4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DB2118A-0F9C-4273-BB07-85FEA32C785B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8541C9EF-69A8-4641-B173-3BCE0EDD20A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E24A3C71-0075-4738-B114-267337D050CD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BA07A5E-D649-4725-9E2B-5BF496296151",
              "versionEndIncluding": "11.5.4",
              "versionStartIncluding": "11.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD53088-3BD4-4AF9-8934-4905231A75E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C641B4F-DCFF-4A1B-9E00-EDF18A270241",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBBB6E7C-DA1A-479F-9DD2-DE0C3CA82E92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4913B437-33FF-4B5E-A855-9DA00B35E3B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDCFE65B-340B-4F7D-93A1-4390BBC8E67F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A89726B-93EB-4F49-B395-017CA90F1399",
              "versionEndIncluding": "11.5.4",
              "versionStartIncluding": "11.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D964BBB4-B343-43C6-A7A1-39BD9E1EEA16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1EA4F45-35F7-4687-8D1A-A5ACD846500A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "64273A2C-E5A1-4605-92DD-EBECC7F051D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E60CA151-1C3A-45B3-B939-E6F80063C595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "58BAD5A9-9C67-4056-9344-07C8C42C8E88",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B665A630-6F88-437B-876F-0FEE9D624F41",
              "versionEndIncluding": "11.5.4",
              "versionStartIncluding": "11.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DE6A792-9D75-4BAF-A8BA-DC5879948BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F67B3922-08D2-4DB0-8FD8-9C7A3DD601C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26E6EC85-AEDB-41DB-95A9-5514980C2C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DD7394-BD0A-42FD-A367-827F35397A20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "98509F74-301A-4D1F-A2B4-B01B80CEFFCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E87FFF5F-5BB1-4E2F-BD15-3BA7C9B26FEA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3136A8D1-3D0D-46B3-9A3A-737074864F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "81A68381-C065-48D4-8FE4-8CB31216D70D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5C660E2-2B4D-40A2-9111-19A15307724A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "917BA1D9-2C47-41BE-80AF-05F5AC855945",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D99A75D8-A712-4075-B4C2-F2AB36892619",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FB83BA4-2C5B-4742-8AD8-9541EB04CED5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE5B11F8-1F6A-4A41-BEDE-F03BD179C443",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E38A7F6-B7DB-4F25-95A8-7D1DD6711FBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1277379D-D837-494B-ACB5-26176A411360",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF86B6C1-643B-4556-98B9-41DEEE631390",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "86BA400B-F025-4DB9-BA37-53D7A393994D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C88F1A8-9396-4439-B4DA-C04A31C4ADF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "54E320DA-476A-4C16-B970-A2619E9848EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C15929A-8038-4BFF-A035-C48FEB0FF4A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E760533-14D1-4549-8448-DAF37C05EEE7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84452450-77FA-4708-9C86-5464D541C8ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E4CC3E0-F9B8-433F-A2B0-2306144F9B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8993275-E17E-4A69-8D95-A8229E0E88D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594DBC5-8470-416C-A5EA-E04F5AB2C799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50BF19F-71B4-47C0-A96E-6EB90FCC6AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3A3BA6-6F60-45CA-8F52-687B671B077A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "202B6870-718C-4F8D-9BAB-7ED6385BF2A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6A3691-ADC4-44BC-8A11-D855B13EF128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D7863D-B064-4D7A-A66B-C3D3523425FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "911BB6DB-B2D1-4855-A65C-F0799E034358",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44D161F9-D198-4DA0-BF95-19472A0495A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "06E2C448-F279-476E-9F54-185582BEE9E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5943AAEF-A816-4F95-A91F-023A226D6459",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "72E78A8D-6CB6-49F9-9288-9C2EEF41441A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCC81-2F1D-4EF5-956B-085FB7FEFAE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C804A448-2911-4F56-B8AC-574504E7C84C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2672446D-CDB1-4EB0-8319-843AAD1A99BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E47077D8-80F4-4919-913B-AC6B7CA1CEE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A860AAB-4E19-42C4-B37D-6043C24A3E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "67D62C27-F5CE-455A-A683-1F71E3275183",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF200B2-C3A2-4A64-BDB7-62BA4BD865EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B2FD88-64B9-4B51-BB79-0C075CAA8362",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E82D861-4AEC-49B1-9B92-C55109CA000B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FB9AC84-D862-456D-A34E-14C3A6A1F869",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8894E5E8-FC08-48E5-BF06-6F5AC814CBF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:11.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F83577A-E8CD-4956-8700-F4AA9983740C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB00BC5F-0456-4B65-8CD4-DB4529038824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:12.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5E10E98-9010-45A6-B8B0-23654951105D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9522967-4502-482E-AAEF-4D4C4B306BAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF1300A-6B4D-4BEF-9295-EDE60C496A8E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. This vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack via resource exhaustion."
    },
    {
      "lang": "es",
      "value": "En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator en versiones de software de la 12.0.0 a la 12.1.2, de la 11.6.0 a la 11.6.1, de la 11.4.0 a la 11.5.4 y en la versi\u00f3n 11.2.1, cuando ConfigSync est\u00e1 configurado, los atacantes en redes adyacentes pueden omitir las protecciones TLS, normalmente utilizadas para cifrar y autenticar conexiones al mcpd. Esta vulnerabilidad podr\u00eda permitir que atacantes remotos provoquen un ataque de denegaci\u00f3n de servicio (DoS) mediante el agotamiento de recursos."
    }
  ],
  "id": "CVE-2017-6161",
  "lastModified": "2024-11-21T03:29:10.300",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.9,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 5.5,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-10-27T14:29:00.390",
  "references": [
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101636"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039675"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039676"
    },
    {
      "source": "f5sirt@f5.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K62279530"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039676"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K62279530"
    }
  ],
  "sourceIdentifier": "f5sirt@f5.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.