CVE-2017-6162

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, 11.2.1, in some cases TMM may crash when processing TCP traffic. This vulnerability affects TMM via a virtual server configured with TCP profile. Traffic processing is disrupted while Traffic Management Microkernel (TMM) restarts. If the affected BIG-IP system is configured to be part of a device group, it will trigger a failover to the peer device.
References
Link Resource
https://support.f5.com/csp/article/K13421245 Vendor Advisory
http://www.securitytracker.com/id/1039673 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/101635 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.2.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.2.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*

Configuration 6 (hide)

OR cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:12.1.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:*

Configuration 7 (hide)

OR cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.2.1:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:*

Configuration 8 (hide)

cpe:2.3:a:f5:big-ip_websafe:1.0.0:*:*:*:*:*:*:*

Information

Published : 2017-10-27 07:29

Updated : 2017-11-16 12:21


NVD link : CVE-2017-6162

Mitre link : CVE-2017-6162


JSON object : View

CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

dedicated server usa

Products Affected

f5

  • big-ip_link_controller
  • big-ip_advanced_firewall_manager
  • big-ip_websafe
  • big-ip_application_security_manager
  • big-ip_access_policy_manager
  • big-ip_local_traffic_manager
  • big-ip_application_acceleration_manager
  • big-ip_policy_enforcement_manager