SAML Authentication Request Vulnerability in F5 BIG-IP APM
CVE-2016-7467
5.3 MEDIUM
What is CVE-2016-7467?
The TMM SSO plugin in F5 BIG-IP APM has a vulnerability that could disrupt traffic when it processes a malformed, signed SAML authentication request. This occurs when the system is configured as a SAML Identity Provider with a Service Provider connector, and it affects specific versions of the product. An authenticated user can trigger the flaw, even inadvertently, by sending such a request, potentially causing failover or other operational disruption.
Affected Version(s)
F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2
CVSS V3.1
Score: 5.3
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
