Details of VAR-201604-0592

ID

VAR-201604-0592

CVE

CVE-2016-2084

TITLE

plural F5 Vulnerabilities in which important information is obtained in products

Trust: 0.8

sources: JVNDB: JVNDB-2016-002281

DESCRIPTION

F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, and 11.6.0 before build 6.204.442; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 build 685-HF10; BIG-IQ Cloud, Device, and Security 4.2.0 through 4.5.0; and BIG-IQ ADC 4.5.0 do not properly regenerate certificates and keys when deploying cloud images in Amazon Web Services (AWS), Azure or Verizon cloud services environments, which allows attackers to obtain sensitive information or cause a denial of service (disruption) by leveraging a target instance configuration. plural F5 Products, Amazon Web Services (AWS) , Azure Or Verizon When a cloud image is deployed in a cloud service environment, credentials and keys are not properly regenerated, so important information is obtained or service operation is disrupted ( Interruption ) There are vulnerabilities that are put into a state.By the attacker, Target Instance By using the settings, important information is obtained or service operation is interrupted ( Interruption ) There is a possibility of being put into a state. Multiple F5 BIG-IP products are prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition. F5 BIG-IP LTM, etc. are all products of F5 Company in the United States. LTM is a local traffic manager; APM is a solution that provides secure unified access to business-critical applications and networks. A security vulnerability exists in several F5 BIG-IP and BIG-IQ products due to the program not properly regenerating certificates and keys. An attacker could exploit this vulnerability to disclose sensitive information

Trust: 1.98

sources: NVD: CVE-2016-2084 // JVNDB: JVNDB-2016-002281 // BID: 86023 // VULHUB: VHN-90903

AFFECTED PRODUCTS

vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	11.4.1	Trust: 1.6
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5.3	Trust: 1.6
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	11.5.3	Trust: 1.6
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	11.5.1	Trust: 1.6
vendor:	f5	model:	big-iq device	scope:	eq	version:	4.5.0	Trust: 1.6
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	11.6.0	Trust: 1.6
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5.2	Trust: 1.6
vendor:	f5	model:	big-iq device	scope:	eq	version:	4.3.0	Trust: 1.6
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.4.1	Trust: 1.6
vendor:	f5	model:	big-iq device	scope:	eq	version:	4.4.0	Trust: 1.6
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	11.5.1	Trust: 1.0
vendor:	f5	model:	big-iq cloud	scope:	eq	version:	4.3.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	11.3.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.4.1	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	11.3.0	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.4.1	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	11.3.0	Trust: 1.0
vendor:	f5	model:	big-iq security	scope:	eq	version:	4.2.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	11.3.0	Trust: 1.0
vendor:	f5	model:	big-ip protocol security module	scope:	eq	version:	11.3.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	11.4.0	Trust: 1.0
vendor:	f5	model:	big-iq security	scope:	eq	version:	4.5.0	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip protocol security module	scope:	eq	version:	11.4.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.5.3	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip wan optimization manager	scope:	eq	version:	11.3.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.5.1	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	11.4.1	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.4.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	11.4.1	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5.1	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	11.3.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	11.4.1	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-iq cloud	scope:	eq	version:	4.2.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.3.0	Trust: 1.0
vendor:	f5	model:	big-iq security	scope:	eq	version:	4.4.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.3.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.4.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.3.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	11.4.1	Trust: 1.0
vendor:	f5	model:	big-iq application delivery controller	scope:	eq	version:	4.5.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5.1	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	11.4.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-iq cloud	scope:	eq	version:	4.4.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	11.4.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	11.4.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.3.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.3.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	11.5.3	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5.3	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	11.5.1	Trust: 1.0
vendor:	f5	model:	big-iq security	scope:	eq	version:	4.3.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	11.4.1	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	11.5.3	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	11.4.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	11.5.3	Trust: 1.0
vendor:	f5	model:	big-iq cloud	scope:	eq	version:	4.5.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	11.5.1	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	11.5.3	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	11.5.3	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	11.5.1	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.4.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	11.5.1	Trust: 1.0
vendor:	f5	model:	big-iq device	scope:	eq	version:	4.2.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip advanced firewall manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip analytics	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip application acceleration manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip application security manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip domain name system	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip edge gateway	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip global traffic manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip link controller	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip local traffic manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip policy enforcement manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip protocol security module	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip wan optimization manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip webaccelerator	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-iq application delivery controller	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-iq cloud	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-iq device	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-iq security	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	bigip webaccelerator	scope:	ne	version:	10.1	Trust: 0.3

sources: BID: 86023 // JVNDB: JVNDB-2016-002281 // CNNVD: CNNVD-201604-257 // NVD: CVE-2016-2084

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-2084
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-2084
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201604-257
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-90903
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-2084
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:H/AU:N/C:P/I:N/A:P
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	4.9
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-90903
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:H/AU:N/C:P/I:N/A:P
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	4.9
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-2084
baseSeverity:	HIGH
baseScore:	7.4
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	5.2
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-90903 // JVNDB: JVNDB-2016-002281 // CNNVD: CNNVD-201604-257 // NVD: CVE-2016-2084

PROBLEMTYPE DATA

problemtype:

CWE-200

Trust: 1.9

sources: VULHUB: VHN-90903 // JVNDB: JVNDB-2016-002281 // NVD: CVE-2016-2084

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201604-257

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201604-257

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-002281

PATCH

title:	sol11772107: BIG-IP and BIG-IQ cloud image vulnerability CVE-2016-2084	url:	https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html	Trust: 0.8
title:	F5 BIG-IP and BIG-IQ Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60936	Trust: 0.6

sources: JVNDB: JVNDB-2016-002281 // CNNVD: CNNVD-201604-257

EXTERNAL IDS

db:	NVD	id:	CVE-2016-2084	Trust: 2.8
db:	SECTRACK	id:	1035520	Trust: 1.7
db:	JVNDB	id:	JVNDB-2016-002281	Trust: 0.8
db:	CNNVD	id:	CNNVD-201604-257	Trust: 0.7
db:	AUSCERT	id:	ESB-2016.0912	Trust: 0.6
db:	BID	id:	86023	Trust: 0.4
db:	VULHUB	id:	VHN-90903	Trust: 0.1

sources: VULHUB: VHN-90903 // BID: 86023 // JVNDB: JVNDB-2016-002281 // CNNVD: CNNVD-201604-257 // NVD: CVE-2016-2084

REFERENCES

url:	https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html	Trust: 1.7
url:	http://www.securitytracker.com/id/1035520	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2084	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2084	Trust: 0.8
url:	https://www.auscert.org.au/render.html?it=33330	Trust: 0.6
url:	http://www.f5.com/products/big-ip/	Trust: 0.3

sources: VULHUB: VHN-90903 // BID: 86023 // JVNDB: JVNDB-2016-002281 // CNNVD: CNNVD-201604-257 // NVD: CVE-2016-2084

CREDITS

Trust: 0.6

sources: CNNVD: CNNVD-201604-257

SOURCES

db:	VULHUB	id:	VHN-90903
db:	BID	id:	86023
db:	JVNDB	id:	JVNDB-2016-002281
db:	CNNVD	id:	CNNVD-201604-257
db:	NVD	id:	CVE-2016-2084

LAST UPDATE DATE

2024-11-23T22:38:45.090000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-90903	date:	2016-04-21T00:00:00
db:	BID	id:	86023	date:	2016-04-11T00:00:00
db:	JVNDB	id:	JVNDB-2016-002281	date:	2016-04-26T00:00:00
db:	CNNVD	id:	CNNVD-201604-257	date:	2016-04-14T00:00:00
db:	NVD	id:	CVE-2016-2084	date:	2024-11-21T02:47:46.577

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-90903	date:	2016-04-13T00:00:00
db:	BID	id:	86023	date:	2016-04-11T00:00:00
db:	JVNDB	id:	JVNDB-2016-002281	date:	2016-04-26T00:00:00
db:	CNNVD	id:	CNNVD-201604-257	date:	2016-04-13T00:00:00
db:	NVD	id:	CVE-2016-2084	date:	2016-04-13T16:59:10.160