CVE-2017-6128

7.5HIGH

Key Information:

Vendor
F5
Status
Big-ip Ltm, Aam, Afm, Analytics, Apm, Asm, Edge Gateway, Gtm, Link Controller, Pem, Psm, Webaccelerator, Websafe
Enterprise Manager
Big-iq Cloud, Device, Security, Adc, Centralized Management, Cloud And Orchestration
Iworkflow
Vendor
CVE Published:
1 May 2017

Summary

An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow.

Affected Version(s)

BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WebSafe varies depending on product - see https://support.f5.com/csp/article/K92140924 for table

BIG-IQ Cloud, Device, Security, ADC, Centralized Management, Cloud and Orchestration varies depending on product - see https://support.f5.com/csp/article/K92140924 for table

Enterprise Manager varies depending on product - see https://support.f5.com/csp/article/K92140924 for table

References

http://www.securitytracker.com/id/1038363
vdb-entryx_refsource_SECTRACK
https://support.f5.com/csp/article/K92140924
x_refsource_CONFIRM
http://www.securitytracker.com/id/1038362
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.