Sign-up

ID

VAR-201703-0917


CVE

CVE-2016-9252


TITLE

plural F5 BIG-IP Product Traffic Management Microkernel Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-008181

DESCRIPTION

The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service (DoS) through unspecified vectors. F5 BIG-IP systems is an application delivery product of F5 Company in the United States that integrates functions such as network traffic management, application security management, and load balancing. Traffic Management Microkernel (TMM) is one of the service processes that performs traffic management. There is a security vulnerability in the TMM in F5 BIG-IP systems. A remote attacker could exploit this vulnerability to cause a denial of service. The following versions are affected: F5 BIG-IP systems prior to 11.5.4 HF3, 11.6.x prior to 11.6.1 HF2, 12.x prior to 12.1.2

Trust: 1.8

sources: NVD: CVE-2016-9252 // JVNDB: JVNDB-2016-008181 // VULHUB: VHN-98072 // VULMON: CVE-2016-9252

AFFECTED PRODUCTS

vendor:f5model:big-ip link controllerscope:eqversion:11.5.4

Trust: 1.6

vendor:f5model:big-ip local traffic managerscope:eqversion:11.4.1

Trust: 1.6

vendor:f5model:big-ip websafescope:eqversion:12.0.0

Trust: 1.6

vendor:f5model:big-ip local traffic managerscope:eqversion:11.4.0

Trust: 1.6

vendor:f5model:big-ip websafescope:eqversion:12.1.0

Trust: 1.6

vendor:f5model:big-ip application security managerscope:eqversion:11.5.2

Trust: 1.6

vendor:f5model:big-ip access policy managerscope:eqversion:10.2.2

Trust: 1.6

vendor:f5model:big-ip analyticsscope:eqversion:12.1.1

Trust: 1.6

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.4

Trust: 1.6

vendor:f5model:big-ip link controllerscope:eqversion:10.2.4

Trust: 1.6

vendor:f5model:big-ip application security managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:10.2.1

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.3

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:12.1.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:10.2.3

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:10.2.4

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:10.2.3

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:10.2.2

Trust: 1.0

vendor:f5model:big-ip websafescope:eqversion:12.1.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.5.4

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.5.4

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:10.2.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:12.1.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:10.2.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:10.2.2

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.4

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:10.2.3

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip websafescope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:10.2.3

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.5.4

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.5.4

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:12.1.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.5.4

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.2

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:10.2.4

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.5.4

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:10.2.4

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:10.2.3

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip websafescope:eqversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.2

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:10.2.2

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:10.2.4

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.5.4

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:12.1.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:10.2.3

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:10.2.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:10.2.1

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:eqversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:12.1.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.5.2

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:10.2.1

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.3

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:12.1.1

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:12.1.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:12.0.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:12.1.1

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:10.2.2

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:10.2.2

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.5.4

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.5.3

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.6.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:10.2.4

Trust: 1.0

vendor:f5model:big-ip access policy managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip advanced firewall managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip analyticsscope: - version: -

Trust: 0.8

vendor:f5model:big-ip application acceleration managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip application security managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip domain name systemscope: - version: -

Trust: 0.8

vendor:f5model:big-ip edge gatewayscope: - version: -

Trust: 0.8

vendor:f5model:big-ip global traffic managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip link controllerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip local traffic managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip policy enforcement managerscope: - version: -

Trust: 0.8

vendor:f5model:big-ip protocol security modulescope: - version: -

Trust: 0.8

vendor:f5model:big-ip webacceleratorscope: - version: -

Trust: 0.8

vendor:f5model:big-ip websafescope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2016-008181 // CNNVD: CNNVD-201703-1202 // NVD: CVE-2016-9252

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-9252
value: HIGH

Trust: 1.0

NVD: CVE-2016-9252
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201703-1202
value: HIGH

Trust: 0.6

VULHUB: VHN-98072
value: MEDIUM

Trust: 0.1

VULMON: CVE-2016-9252
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-9252
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-98072
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-9252
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-98072 // VULMON: CVE-2016-9252 // JVNDB: JVNDB-2016-008181 // CNNVD: CNNVD-201703-1202 // NVD: CVE-2016-9252

PROBLEMTYPE DATA

problemtype:CWE-19

Trust: 1.9

sources: VULHUB: VHN-98072 // JVNDB: JVNDB-2016-008181 // NVD: CVE-2016-9252

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-1202

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-201703-1202

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-008181

PATCH
title:K46535047: F5 TCP IPv6 vulnerability CVE-2016-9252url:https://support.f5.com/csp/article/K46535047
Trust: 0.8
title:F5 BIG-IP systems Traffic Management Microkernel Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74769
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2016-008181 // 
            
            
            
            CNNVD: CNNVD-201703-1202

EXTERNAL IDS
db:NVDid:CVE-2016-9252
Trust: 2.6
db:SECTRACKid:1038132
Trust: 1.8
db:JVNDBid:JVNDB-2016-008181
Trust: 0.8
db:CNNVDid:CNNVD-201703-1202
Trust: 0.7
db:VULHUBid:VHN-98072
Trust: 0.1
db:VULMONid:CVE-2016-9252
Trust: 0.1
sources:
            
            
            VULHUB: VHN-98072 // 
            
            
            
            VULMON: CVE-2016-9252 // 
            
            
            
            JVNDB: JVNDB-2016-008181 // 
            
            
            
            CNNVD: CNNVD-201703-1202 // 
            
            
            
            NVD: CVE-2016-9252

REFERENCES
url:https://support.f5.com/csp/article/k46535047
Trust: 1.8
url:http://www.securitytracker.com/id/1038132
Trust: 1.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9252
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2016-9252
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/19.html
Trust: 0.1
url:https://www.rapid7.com/db/vulnerabilities/f5-big-ip-cve-2016-9252
Trust: 0.1
url:https://tools.cisco.com/security/center/viewalert.x?alertid=53200
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULHUB: VHN-98072 // 
            
            
            
            VULMON: CVE-2016-9252 // 
            
            
            
            JVNDB: JVNDB-2016-008181 // 
            
            
            
            CNNVD: CNNVD-201703-1202 // 
            
            
            
            NVD: CVE-2016-9252

SOURCES
db:VULHUBid:VHN-98072
db:VULMONid:CVE-2016-9252
db:JVNDBid:JVNDB-2016-008181
db:CNNVDid:CNNVD-201703-1202
db:NVDid:CVE-2016-9252

LAST UPDATE DATE
2024-11-23T21:41:33.079000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-98072date:2019-06-06T00:00:00
db:VULMONid:CVE-2016-9252date:2019-06-06T00:00:00
db:JVNDBid:JVNDB-2016-008181date:2017-04-28T00:00:00
db:CNNVDid:CNNVD-201703-1202date:2019-06-10T00:00:00
db:NVDid:CVE-2016-9252date:2024-11-21T03:00:51.283

SOURCES RELEASE DATE
db:VULHUBid:VHN-98072date:2017-03-27T00:00:00
db:VULMONid:CVE-2016-9252date:2017-03-27T00:00:00
db:JVNDBid:JVNDB-2016-008181date:2017-04-28T00:00:00
db:CNNVDid:CNNVD-201703-1202date:2017-03-27T00:00:00
db:NVDid:CVE-2016-9252date:2017-03-27T18:59:00.230