IPSec Tunneling Vulnerability in F5 BIG-IP Products
CVE-2017-6156

6.4MEDIUM

Summary

This vulnerability affects F5 BIG-IP systems when configured with wildcard IPSec tunnel endpoints. A remote attacker, armed with valid credentials, can disrupt or impersonate established tunnels that have completed phase 1 IPSec negotiations. This situation is particularly concerning as it limits the attack surface to endpoints managed within the same administrative domain, potentially exposing sensitive data and compromising network integrity.

Affected Version(s)

BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) 12.1.0-12.1.1

BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) 11.6.0-11.6.1

BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) 11.5.1-11.5.5

References

CVSS V3.1

Score:
6.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.