IPSec Tunneling Vulnerability in F5 BIG-IP Products
CVE-2017-6156
Key Information:
- Vendor: F5
- CVE Published: 13 April 2018
What is CVE-2017-6156?
This vulnerability affects F5 BIG-IP systems that are configured with wildcard IPSec tunnel endpoints. A remote attacker with valid credentials can disrupt or impersonate established tunnels that have completed phase 1 IPSec negotiations. In practice this limits the attack surface to endpoints managed within the same administrative domain, but a successful attack can still expose sensitive data and compromise network integrity.
Affected Version(s)
BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) 12.1.0-12.1.1
BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) 11.6.0-11.6.1
BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) 11.5.1-11.5.5