IP Address Handling Vulnerability in F5 BIG-IP by F5 Networks
CVE-2017-6158

6.5MEDIUM

Summary

A vulnerability exists in F5 BIG-IP products that affects the Traffic Management Microkernel (TMM), specifically related to its processing of invalid IP addresses. This flaw can potentially be exploited to affect the functionality of the services relying on the affected versions of the product. Users of the specified versions should review their configurations and apply any necessary patches to mitigate risks. For more detailed guidance, refer to the official F5 support article.

Affected Version(s)

BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) 12.0.0-12.1.2

BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) 11.6.0-11.6.1

BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) 11.5.1-11.5.5

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.