Remote Code Execution Vulnerability in F5 BIG-IP LTM Systems
CVE-2016-5745

9.8CRITICAL

Key Information:

Vendor
F5
Status
Big-ip Local Traffic Manager
Vendor
CVE Published:
5 October 2016

Summary

F5 BIG-IP LTM systems are vulnerable to unauthorized remote access, allowing attackers to modify or extract sensitive system configuration files. This vulnerability can be exploited through specific vectors associated with NAT64, potentially compromising the integrity and security of affected systems. Users are advised to apply necessary updates and patches to mitigate the risks associated with this vulnerability.

References

http://www.securityfocus.com/bid/94240
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1036927
vdb-entryx_refsource_SECTRACK
https://support.f5.com/kb/en-us/solutions/public/k/64/sol...
x_refsource_CONFIRM

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.