Denial-of-Service Vulnerability in F5 BIG-IP and Associated Products
CVE-2017-6128
Key Information:
Summary
The vulnerability allows an attacker to potentially exploit the sshd component within F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow, leading to denial-of-service conditions. This could disrupt the functionality of the affected systems, rendering services unavailable. Organizations using these F5 products should evaluate their configurations and apply necessary patches or mitigations to protect against potential exploit scenarios highlighted in recent security advisories.
Affected Version(s)
BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WebSafe varies depending on product - see https://support.f5.com/csp/article/K92140924 for table
BIG-IQ Cloud, Device, Security, ADC, Centralized Management, Cloud and Orchestration varies depending on product - see https://support.f5.com/csp/article/K92140924 for table
Enterprise Manager varies depending on product - see https://support.f5.com/csp/article/K92140924 for table
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved