Denial of Service Vulnerability in F5 BIG-IP Systems by F5 Networks
CVE-2016-9245

5.9MEDIUM

Key Information:

Vendor

F5 Networks

Status
F5 Big-ip Ltm, Aam, Afm, Analytics, Apm, Asm, Dns, Link Controller, Pem, Websafe
Vendor
CVE Published:
7 March 2017

What is CVE-2016-9245?

A vulnerability exists in F5 BIG-IP systems (versions 12.1.0 to 12.1.2) where crafted malicious requests targeting virtual servers with HTTP profiles can trigger a restart of the Traffic Management Microkernel (TMM). This issue is particularly relevant for BIG-IP APM profiles, exposing the system regardless of the configured settings. Additionally, those utilizing the non-default 'Normalize URI' settings in iRules or BIG-IP LTM policies may also find their systems susceptible. An attacker exploiting this vulnerability could disrupt traffic flow or force the BIG-IP to failover to another device within the device group, leading to potential service interruptions.

Affected Version(s)

F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, WebSafe 12.1.0 - 12.1.2

References

https://support.f5.com/csp/article/K22216037
x_refsource_CONFIRM
http://www.securitytracker.com/id/1037964
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/96471
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.