Details of VAR-201710-1313

ID

VAR-201710-1313

CVE

CVE-2017-6161

TITLE

plural F5 BIG-IP Product depletion vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-009798

DESCRIPTION

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. This vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack via resource exhaustion. plural F5 BIG-IP The product is vulnerable to resource exhaustion.Service operation interruption (DoS) There is a possibility of being put into a state. Multiple F5 BIG-IP Products are prone to a security-bypass vulnerability. Successfully exploiting this issue may allow attackers to perform unauthorized actions. This may lead to other attacks. F5 BIG-IP LTM, etc. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager

Trust: 1.98

sources: NVD: CVE-2017-6161 // JVNDB: JVNDB-2017-009798 // BID: 101636 // VULHUB: VHN-114364

AFFECTED PRODUCTS

vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	11.6.1	Trust: 1.6
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	12.1.0	Trust: 1.6
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	12.1.2	Trust: 1.6
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	11.2.1	Trust: 1.6
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	11.6.0	Trust: 1.6
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	12.0.0	Trust: 1.6
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	12.1.1	Trust: 1.6
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.2.1	Trust: 1.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	12.1.2	Trust: 1.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	12.1.1	Trust: 1.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.2.1	Trust: 1.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	12.1.0	Trust: 1.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.6.1	Trust: 1.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.2.1	Trust: 1.3
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	12.1.1	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.4.1	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	12.1.2	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	12.1.1	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lte	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lte	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	12.1.2	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.4.1	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.5.3	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	12.1.1	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	12.1.2	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.5.5	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.5.1	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.4.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	eq	version:	12.1.1	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	12.1.2	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	eq	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	gte	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	12.1.1	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.5.1	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	lte	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	eq	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	12.1.2	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	eq	version:	12.1.2	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.5.3	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lte	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	11.4.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.5.1	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.4.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	12.1.1	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	12.1.1	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	12.1.2	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.6.2	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lte	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lte	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	12.1.1	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	11.2.1	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	12.1.1	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.5.3	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.6.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	12.1.2	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.4.1	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	eq	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lte	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.5.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.5.5	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	11.4.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	12.1.2	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lte	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.5.4	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip advanced firewall manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip application acceleration manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip application security manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip domain name system	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip edge gateway	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip global traffic manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip link controller	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip local traffic manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip policy enforcement manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip webaccelerator	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	11.5.0	Trust: 0.6
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	11.5.2	Trust: 0.6
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	11.5.4	Trust: 0.6
vendor:	f5	model:	big-ip psm	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.6.1	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.6.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.5.2	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.6	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5.2	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.6.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.5.2	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip dns	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip dns	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	f5	model:	big-ip dns	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip dns	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.6.1	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.5.2	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.6.1	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.5.2	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.5.0	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.4.0	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.6.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5.2	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	11.6.1	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	11.5.2	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	11.5.2	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	11.4.0	Trust: 0.3
vendor:	f5	model:	big-ip pem hf1	scope:	ne	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	ne	version:	11.6.2	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	ne	version:	11.5.5	Trust: 0.3
vendor:	f5	model:	big-ip ltm hf1	scope:	ne	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	ne	version:	11.6.2	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	ne	version:	11.5.5	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf1	scope:	ne	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	ne	version:	11.6.2	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	ne	version:	11.6.2	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	ne	version:	11.5.5	Trust: 0.3
vendor:	f5	model:	big-ip dns hf1	scope:	ne	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip asm hf1	scope:	ne	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	ne	version:	11.6.2	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	ne	version:	11.5.5	Trust: 0.3
vendor:	f5	model:	big-ip apm hf1	scope:	ne	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	ne	version:	11.5.5	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf1	scope:	ne	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip afm hf1	scope:	ne	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	ne	version:	11.6.2	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	ne	version:	11.5.5	Trust: 0.3
vendor:	f5	model:	big-ip aam hf1	scope:	ne	version:	12.1.2	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	ne	version:	11.6.2	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	ne	version:	11.5.5	Trust: 0.3

sources: BID: 101636 // JVNDB: JVNDB-2017-009798 // CNNVD: CNNVD-201710-1359 // NVD: CVE-2017-6161

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-6161
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2017-6161
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201710-1359
value:	LOW
Trust: 0.6
VULHUB:	VHN-114364
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2017-6161
severity:	LOW
baseScore:	2.9
vectorString:	AV:A/AC:M/AU:N/C:N/I:N/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	5.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-114364
severity:	LOW
baseScore:	2.9
vectorString:	AV:A/AC:M/AU:N/C:N/I:N/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	5.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-6161
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.6
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-114364 // JVNDB: JVNDB-2017-009798 // CNNVD: CNNVD-201710-1359 // NVD: CVE-2017-6161

PROBLEMTYPE DATA

problemtype:

CWE-400

Trust: 1.9

sources: VULHUB: VHN-114364 // JVNDB: JVNDB-2017-009798 // NVD: CVE-2017-6161

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201710-1359

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201710-1359

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-009798

PATCH

title:	K62279530	url:	https://support.f5.com/csp/article/K62279530	Trust: 0.8
title:	Multiple F5 Product security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76067	Trust: 0.6

sources: JVNDB: JVNDB-2017-009798 // CNNVD: CNNVD-201710-1359

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6161	Trust: 2.8
db:	SECTRACK	id:	1039675	Trust: 1.7
db:	SECTRACK	id:	1039676	Trust: 1.7
db:	BID	id:	101636	Trust: 1.4
db:	JVNDB	id:	JVNDB-2017-009798	Trust: 0.8
db:	CNNVD	id:	CNNVD-201710-1359	Trust: 0.7
db:	VULHUB	id:	VHN-114364	Trust: 0.1

sources: VULHUB: VHN-114364 // BID: 101636 // JVNDB: JVNDB-2017-009798 // CNNVD: CNNVD-201710-1359 // NVD: CVE-2017-6161

REFERENCES

url:	https://support.f5.com/csp/article/k62279530	Trust: 2.0
url:	http://www.securitytracker.com/id/1039675	Trust: 1.7
url:	http://www.securitytracker.com/id/1039676	Trust: 1.7
url:	http://www.securityfocus.com/bid/101636	Trust: 1.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6161	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6161	Trust: 0.8
url:	http://www.f5.com/products/big-ip/	Trust: 0.3

sources: VULHUB: VHN-114364 // BID: 101636 // JVNDB: JVNDB-2017-009798 // CNNVD: CNNVD-201710-1359 // NVD: CVE-2017-6161

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 101636

SOURCES

db:	VULHUB	id:	VHN-114364
db:	BID	id:	101636
db:	JVNDB	id:	JVNDB-2017-009798
db:	CNNVD	id:	CNNVD-201710-1359
db:	NVD	id:	CVE-2017-6161

LAST UPDATE DATE

2024-11-23T22:56:04.268000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-114364	date:	2017-11-16T00:00:00
db:	BID	id:	101636	date:	2017-12-19T22:00:00
db:	JVNDB	id:	JVNDB-2017-009798	date:	2017-11-22T00:00:00
db:	CNNVD	id:	CNNVD-201710-1359	date:	2017-11-03T00:00:00
db:	NVD	id:	CVE-2017-6161	date:	2024-11-21T03:29:10.300

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-114364	date:	2017-10-27T00:00:00
db:	BID	id:	101636	date:	2017-10-26T00:00:00
db:	JVNDB	id:	JVNDB-2017-009798	date:	2017-11-22T00:00:00
db:	CNNVD	id:	CNNVD-201710-1359	date:	2017-10-27T00:00:00
db:	NVD	id:	CVE-2017-6161	date:	2017-10-27T14:29:00.390