var-201604-0592
Vulnerability from variot
F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, and 11.6.0 before build 6.204.442; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 build 685-HF10; BIG-IQ Cloud, Device, and Security 4.2.0 through 4.5.0; and BIG-IQ ADC 4.5.0 do not properly regenerate certificates and keys when deploying cloud images in Amazon Web Services (AWS), Azure or Verizon cloud services environments, which allows attackers to obtain sensitive information or cause a denial of service (disruption) by leveraging a target instance configuration. plural F5 Products, Amazon Web Services (AWS) , Azure Or Verizon When a cloud image is deployed in a cloud service environment, credentials and keys are not properly regenerated, so important information is obtained or service operation is disrupted ( Interruption ) There are vulnerabilities that are put into a state.By the attacker, Target Instance By using the settings, important information is obtained or service operation is interrupted ( Interruption ) There is a possibility of being put into a state. Multiple F5 BIG-IP products are prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition. F5 BIG-IP LTM, etc. are all products of F5 Company in the United States. LTM is a local traffic manager; APM is a solution that provides secure unified access to business-critical applications and networks. A security vulnerability exists in several F5 BIG-IP and BIG-IQ products due to the program not properly regenerating certificates and keys. An attacker could exploit this vulnerability to disclose sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201604-0592",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "4.5.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "4.3.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 1.6,
"vendor": "f5",
"version": "4.4.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.3.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.2.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip protocol security module",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "big-ip wan optimization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.2.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.4.0"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-iq application delivery controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.4.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.3.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.2.0"
},
{
"model": "big-ip access policy manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip advanced firewall manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip analytics",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip application acceleration manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip application security manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip domain name system",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip global traffic manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip link controller",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip local traffic manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip policy enforcement manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip protocol security module",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip wan optimization manager",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-iq application delivery controller",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-iq cloud",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-iq device",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "big-iq security",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "bigip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
}
],
"sources": [
{
"db": "BID",
"id": "86023"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002281"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-257"
},
{
"db": "NVD",
"id": "CVE-2016-2084"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:f5:big-ip_access_policy_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_advanced_firewall_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_analytics",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_application_acceleration_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_application_security_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_domain_name_system",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_edge_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_global_traffic_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_link_controller",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_local_traffic_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_policy_enforcement_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_protocol_security_module",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_wan_optimization_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-ip_webaccelerator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-iq_application_delivery_controller",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-iq_cloud",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-iq_device",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:f5:big-iq_security",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002281"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "F5",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-257"
}
],
"trust": 0.6
},
"cve": "CVE-2016-2084",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CVE-2016-2084",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "VHN-90903",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2016-2084",
"impactScore": 5.2,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-2084",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-2084",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-257",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-90903",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90903"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002281"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-257"
},
{
"db": "NVD",
"id": "CVE-2016-2084"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, and 11.6.0 before build 6.204.442; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 build 685-HF10; BIG-IQ Cloud, Device, and Security 4.2.0 through 4.5.0; and BIG-IQ ADC 4.5.0 do not properly regenerate certificates and keys when deploying cloud images in Amazon Web Services (AWS), Azure or Verizon cloud services environments, which allows attackers to obtain sensitive information or cause a denial of service (disruption) by leveraging a target instance configuration. plural F5 Products, Amazon Web Services (AWS) , Azure Or Verizon When a cloud image is deployed in a cloud service environment, credentials and keys are not properly regenerated, so important information is obtained or service operation is disrupted ( Interruption ) There are vulnerabilities that are put into a state.By the attacker, Target Instance By using the settings, important information is obtained or service operation is interrupted ( Interruption ) There is a possibility of being put into a state. Multiple F5 BIG-IP products are prone to a denial-of-service vulnerability. \nAttackers can exploit this issue to cause a denial-of-service condition. F5 BIG-IP LTM, etc. are all products of F5 Company in the United States. LTM is a local traffic manager; APM is a solution that provides secure unified access to business-critical applications and networks. A security vulnerability exists in several F5 BIG-IP and BIG-IQ products due to the program not properly regenerating certificates and keys. An attacker could exploit this vulnerability to disclose sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2084"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002281"
},
{
"db": "BID",
"id": "86023"
},
{
"db": "VULHUB",
"id": "VHN-90903"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2084",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1035520",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002281",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201604-257",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2016.0912",
"trust": 0.6
},
{
"db": "BID",
"id": "86023",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-90903",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90903"
},
{
"db": "BID",
"id": "86023"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002281"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-257"
},
{
"db": "NVD",
"id": "CVE-2016-2084"
}
]
},
"id": "VAR-201604-0592",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-90903"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:38:45.090000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "sol11772107: BIG-IP and BIG-IQ cloud image vulnerability CVE-2016-2084",
"trust": 0.8,
"url": "https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html"
},
{
"title": "F5 BIG-IP and BIG-IQ Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60936"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002281"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-257"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90903"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002281"
},
{
"db": "NVD",
"id": "CVE-2016-2084"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1035520"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2084"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2084"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/render.html?it=33330"
},
{
"trust": 0.3,
"url": "http://www.f5.com/products/big-ip/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90903"
},
{
"db": "BID",
"id": "86023"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002281"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-257"
},
{
"db": "NVD",
"id": "CVE-2016-2084"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-90903"
},
{
"db": "BID",
"id": "86023"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002281"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-257"
},
{
"db": "NVD",
"id": "CVE-2016-2084"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-13T00:00:00",
"db": "VULHUB",
"id": "VHN-90903"
},
{
"date": "2016-04-11T00:00:00",
"db": "BID",
"id": "86023"
},
{
"date": "2016-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002281"
},
{
"date": "2016-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-257"
},
{
"date": "2016-04-13T16:59:10.160000",
"db": "NVD",
"id": "CVE-2016-2084"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-21T00:00:00",
"db": "VULHUB",
"id": "VHN-90903"
},
{
"date": "2016-04-11T00:00:00",
"db": "BID",
"id": "86023"
},
{
"date": "2016-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002281"
},
{
"date": "2016-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-257"
},
{
"date": "2024-11-21T02:47:46.577000",
"db": "NVD",
"id": "CVE-2016-2084"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-257"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural F5 Vulnerabilities in which important information is obtained in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002281"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-257"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.