Lucene search
HistoryAug 26, 2016 - 2:59 p.m.
CVE-2016-1497
f5 big-ip
configuration utility
cve-2016-1497
access policy manager
apm
remote administrators
security vulnerability
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
4.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
41.8%
The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors.
Affected configurations
Node
f5big-ip_webacceleratorMatch11.0.0
ORf5big-ip_webacceleratorMatch11.1.0
ORf5big-ip_webacceleratorMatch11.2.0
ORf5big-ip_webacceleratorMatch11.2.1
ORf5big-ip_webacceleratorMatch11.3.0
Node
f5big-ip_link_controllerMatch11.0.0
ORf5big-ip_link_controllerMatch11.1.0
ORf5big-ip_link_controllerMatch11.2.0
ORf5big-ip_link_controllerMatch11.2.1
ORf5big-ip_link_controllerMatch11.3.0
ORf5big-ip_link_controllerMatch11.4.0
ORf5big-ip_link_controllerMatch11.4.1
ORf5big-ip_link_controllerMatch11.5.0
ORf5big-ip_link_controllerMatch11.5.1
ORf5big-ip_link_controllerMatch11.5.2
ORf5big-ip_link_controllerMatch11.5.3
ORf5big-ip_link_controllerMatch11.5.4
ORf5big-ip_link_controllerMatch11.6.0
ORf5big-ip_link_controllerMatch12.0.0
Node
f5big-ip_access_policy_managerMatch11.0.0
ORf5big-ip_access_policy_managerMatch11.1.0
ORf5big-ip_access_policy_managerMatch11.2.0
ORf5big-ip_access_policy_managerMatch11.2.1
ORf5big-ip_access_policy_managerMatch11.3.0
ORf5big-ip_access_policy_managerMatch11.4.0
ORf5big-ip_access_policy_managerMatch11.4.1
ORf5big-ip_access_policy_managerMatch11.5.0
ORf5big-ip_access_policy_managerMatch11.5.1
ORf5big-ip_access_policy_managerMatch11.5.2
ORf5big-ip_access_policy_managerMatch11.5.3
ORf5big-ip_access_policy_managerMatch11.5.4
ORf5big-ip_access_policy_managerMatch11.6.0
ORf5big-ip_access_policy_managerMatch12.0.0
Node
f5big-ip_application_security_managerMatch11.0.0
ORf5big-ip_application_security_managerMatch11.1.0
ORf5big-ip_application_security_managerMatch11.2.0
ORf5big-ip_application_security_managerMatch11.2.1
ORf5big-ip_application_security_managerMatch11.3.0
ORf5big-ip_application_security_managerMatch11.4.0
ORf5big-ip_application_security_managerMatch11.4.1
ORf5big-ip_application_security_managerMatch11.5.0
ORf5big-ip_application_security_managerMatch11.5.1
ORf5big-ip_application_security_managerMatch11.5.2
ORf5big-ip_application_security_managerMatch11.5.3
ORf5big-ip_application_security_managerMatch11.5.4
ORf5big-ip_application_security_managerMatch11.6.0
ORf5big-ip_application_security_managerMatch12.0.0
Node
f5big-ip_domain_name_systemMatch12.0.0
Node
f5big-ip_global_traffic_managerMatch11.0.0
ORf5big-ip_global_traffic_managerMatch11.1.0
ORf5big-ip_global_traffic_managerMatch11.2.0
ORf5big-ip_global_traffic_managerMatch11.2.1
ORf5big-ip_global_traffic_managerMatch11.3.0
ORf5big-ip_global_traffic_managerMatch11.4.0
ORf5big-ip_global_traffic_managerMatch11.4.1
ORf5big-ip_global_traffic_managerMatch11.5.0
ORf5big-ip_global_traffic_managerMatch11.5.1
ORf5big-ip_global_traffic_managerMatch11.5.2
ORf5big-ip_global_traffic_managerMatch11.5.3
ORf5big-ip_global_traffic_managerMatch11.5.4
ORf5big-ip_global_traffic_managerMatch11.6.0
Node
f5big-ip_local_traffic_managerMatch11.0.0
ORf5big-ip_local_traffic_managerMatch11.1.0
ORf5big-ip_local_traffic_managerMatch11.2.0
ORf5big-ip_local_traffic_managerMatch11.2.1
ORf5big-ip_local_traffic_managerMatch11.3.0
ORf5big-ip_local_traffic_managerMatch11.4.0
ORf5big-ip_local_traffic_managerMatch11.4.1
ORf5big-ip_local_traffic_managerMatch11.5.0
ORf5big-ip_local_traffic_managerMatch11.5.1
ORf5big-ip_local_traffic_managerMatch11.5.2
ORf5big-ip_local_traffic_managerMatch11.5.3
ORf5big-ip_local_traffic_managerMatch11.5.4
ORf5big-ip_local_traffic_managerMatch11.6.0
ORf5big-ip_local_traffic_managerMatch12.0.0
Node
f5big-ip_application_acceleration_managerMatch11.4.0
ORf5big-ip_application_acceleration_managerMatch11.4.1
ORf5big-ip_application_acceleration_managerMatch11.5.0
ORf5big-ip_application_acceleration_managerMatch11.5.1
ORf5big-ip_application_acceleration_managerMatch11.5.2
ORf5big-ip_application_acceleration_managerMatch11.5.3
ORf5big-ip_application_acceleration_managerMatch11.5.4
ORf5big-ip_application_acceleration_managerMatch11.6.0
ORf5big-ip_application_acceleration_managerMatch12.0.0
Node
f5big-ip_protocol_security_moduleMatch11.0.0
ORf5big-ip_protocol_security_moduleMatch11.1.0
ORf5big-ip_protocol_security_moduleMatch11.2.0
ORf5big-ip_protocol_security_moduleMatch11.2.1
ORf5big-ip_protocol_security_moduleMatch11.3.0
ORf5big-ip_protocol_security_moduleMatch11.4.0
ORf5big-ip_protocol_security_moduleMatch11.4.1
Node
f5big-ip_analyticsMatch11.0.0
ORf5big-ip_analyticsMatch11.1.0
ORf5big-ip_analyticsMatch11.2.0
ORf5big-ip_analyticsMatch11.2.1
ORf5big-ip_analyticsMatch11.3.0
ORf5big-ip_analyticsMatch11.4.0
ORf5big-ip_analyticsMatch11.4.1
ORf5big-ip_analyticsMatch11.5.0
ORf5big-ip_analyticsMatch11.5.1
ORf5big-ip_analyticsMatch11.5.2
ORf5big-ip_analyticsMatch11.5.3
ORf5big-ip_analyticsMatch11.5.4
ORf5big-ip_analyticsMatch11.6.0
ORf5big-ip_analyticsMatch12.0.0
Node
f5big-ip_advanced_firewall_managerMatch11.2.1
ORf5big-ip_advanced_firewall_managerMatch11.3.0
ORf5big-ip_advanced_firewall_managerMatch11.4.0
ORf5big-ip_advanced_firewall_managerMatch11.4.1
ORf5big-ip_advanced_firewall_managerMatch11.5.0
ORf5big-ip_advanced_firewall_managerMatch11.5.1
ORf5big-ip_advanced_firewall_managerMatch11.5.2
ORf5big-ip_advanced_firewall_managerMatch11.5.3
ORf5big-ip_advanced_firewall_managerMatch11.5.4
ORf5big-ip_advanced_firewall_managerMatch11.6.0
ORf5big-ip_advanced_firewall_managerMatch12.0.0
Node
f5big-ip_wan_optimization_managerMatch11.0.0
ORf5big-ip_wan_optimization_managerMatch11.1.0
ORf5big-ip_wan_optimization_managerMatch11.2.0
ORf5big-ip_wan_optimization_managerMatch11.2.1
ORf5big-ip_wan_optimization_managerMatch11.3.0
Node
f5big-ip_policy_enforcement_managerMatch11.3.0
ORf5big-ip_policy_enforcement_managerMatch11.4.0
ORf5big-ip_policy_enforcement_managerMatch11.4.1
ORf5big-ip_policy_enforcement_managerMatch11.5.0
ORf5big-ip_policy_enforcement_managerMatch11.5.1
ORf5big-ip_policy_enforcement_managerMatch11.5.2
ORf5big-ip_policy_enforcement_managerMatch11.5.3
ORf5big-ip_policy_enforcement_managerMatch11.5.4
ORf5big-ip_policy_enforcement_managerMatch11.6.0
ORf5big-ip_policy_enforcement_managerMatch12.0.0
Node
f5big-ip_edge_gatewayMatch11.0.0
ORf5big-ip_edge_gatewayMatch11.1.0
ORf5big-ip_edge_gatewayMatch11.2.0
ORf5big-ip_edge_gatewayMatch11.2.1
ORf5big-ip_edge_gatewayMatch11.3.0
References
Social References
More
Related
f5
f5
SOL31925518 - BIG-IP APM access logs vulnerability CVE-2016-1497
2016-08-10 00:00:00
K31925518 : BIG-IP APM access logs vulnerability CVE-2016-1497
2016-08-10 00:00:00
openvas
openvas
F5 BIG-IP - BIG-IP APM access logs vulnerability CVE-2016-1497
2016-08-12 00:00:00
prion
prion
Design/Logic Flaw
2016-08-26 14:59:00
cvelist
cvelist
CVE-2016-1497
2016-08-26 14:00:00
nvd
nvd
CVE-2016-1497
2016-08-26 14:59:00
nessus
nessus
F5 Networks BIG-IP : BIG-IP APM access logs vulnerability (K31925518)
2016-08-11 00:00:00
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
4.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
41.8%
Related for CVE-2016-1497