Remote Service Disruption Vulnerability in F5 BIG-IP by F5 Networks
CVE-2016-7468
5.9 MEDIUM
What is CVE-2016-7468?
An unauthenticated remote attacker can exploit a vulnerability in F5 BIG-IP devices (versions 11.4.1 to 11.5.4) by sending specially crafted network traffic. This issue predominantly affects virtual servers linked to TCP profiles when the tm.tcpprogressive database variable is configured to 'enabled', deviating from its default setting of 'negotiate'. Exploitation could lead to traffic disruption or potentially trigger a failover to another device within the group, impacting service continuity.
Affected Version(s)
F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, PEM, PSM: 11.4.1 - 11.5.4
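The exposure conditions above can be triaged from a device's version string and a saved copy of its `tmsh list sys db tm.tcpprogressive` output. The sketch below is an added example, not F5 code. The function names, the status labels and the sample outputs are constructed for illustration, and the output layout it parses is an assumption. It does not check for hotfixes or whether any virtual server actually uses a TCP profile.

```python
import re

# Affected range as stated on this page: 11.4.1 through 11.5.4 inclusive.
AFFECTED_MIN = (11, 4, 1)
AFFECTED_MAX = (11, 5, 4)

def parse_version(text):
    """Turn '11.5.4' into (11, 5, 4); a missing third part counts as 0."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)(?:\.(\d+))?\s*", text)
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(p or 0) for p in m.groups())

def db_value(tmsh_output, name="tm.tcpprogressive"):
    """Extract the value from 'sys db <name> { value "..." }' style output."""
    pattern = (r"sys\s+db\s+" + re.escape(name) +
               r"\s*\{[^}]*?\bvalue\s+\"?([^\"\s}]+)\"?")
    m = re.search(pattern, tmsh_output, re.IGNORECASE)
    return m.group(1).lower() if m else None

def assess(version_text, tmsh_output):
    """Combine the two conditions from the advisory into one triage label."""
    in_range = AFFECTED_MIN <= parse_version(version_text) <= AFFECTED_MAX
    if not in_range:
        return "version-outside-affected-range"
    value = db_value(tmsh_output)
    if value is None:
        return "affected-version-setting-unknown"   # no usable config captured
    if value == "enabled":
        return "exposed-if-tcp-profile-virtuals"    # the non-default setting
    return "affected-version-setting-not-enabled"   # e.g. default 'negotiate'

# Constructed sample outputs (not captured from a real device).
SAMPLE_ENABLED = 'sys db tm.tcpprogressive {\n    value "enabled"\n}\n'
SAMPLE_DEFAULT = 'sys db tm.tcpprogressive {\n    value "negotiate"\n}\n'

if __name__ == "__main__":
    for ver, out in [("11.5.4", SAMPLE_ENABLED), ("11.5.0", SAMPLE_DEFAULT),
                     ("11.6.0", SAMPLE_ENABLED), ("11.4.1", "")]:
        print(ver, "->", assess(ver, out))
```

A device reported as `exposed-if-tcp-profile-virtuals` still needs its virtual servers reviewed for attached TCP profiles before it is treated as exposed.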