Lucene search

[email protected]CVE-2016-9245

HistoryMar 07, 2017 - 9:59 p.m.

CVE-2016-9245

2017-03-0721:59:00

CWE-284

[email protected]

web.nvd.nist.gov

big-ip

systems

security

vulnerability

cve-2016-9245

http

apm

irules

ltm

tmm

traffic disruption

failover

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

70.3%

JSON

In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default “Normalize URI” configuration options used in iRules and/or BIG-IP LTM policies. An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group.

Affected configurations

NVD

Node

f5big-ip_local_traffic_managerMatch12.1.0

f5big-ip_local_traffic_managerMatch12.1.1

f5big-ip_local_traffic_managerMatch12.1.2

Node

f5big-ip_application_acceleration_managerMatch12.1.0

f5big-ip_application_acceleration_managerMatch12.1.1

f5big-ip_application_acceleration_managerMatch12.1.2

Node

f5big-ip_advanced_firewall_managerMatch12.1.0

f5big-ip_advanced_firewall_managerMatch12.1.1

f5big-ip_advanced_firewall_managerMatch12.1.2

Node

f5big-ip_analyticsMatch12.1.0

f5big-ip_analyticsMatch12.1.1

f5big-ip_analyticsMatch12.1.2

Node

f5big-ip_access_policy_managerMatch12.1.0

f5big-ip_access_policy_managerMatch12.1.1

f5big-ip_access_policy_managerMatch12.1.2

Node

f5big-ip_application_security_managerMatch12.1.0

f5big-ip_application_security_managerMatch12.1.1

f5big-ip_application_security_managerMatch12.1.2

Node

f5big-ip_domain_name_systemMatch12.1.0

f5big-ip_domain_name_systemMatch12.1.1

f5big-ip_domain_name_systemMatch12.1.2

Node

f5big-ip_link_controllerMatch12.1.0

f5big-ip_link_controllerMatch12.1.1

f5big-ip_link_controllerMatch12.1.2

Node

f5big-ip_policy_enforcement_managerMatch12.1.0

f5big-ip_policy_enforcement_managerMatch12.1.1

f5big-ip_policy_enforcement_managerMatch12.1.2

Node

f5big-ip_websafeMatch12.1.0

f5big-ip_websafeMatch12.1.1

f5big-ip_websafeMatch12.1.2

CPENameOperatorVersion
f5:big-ip_local_traffic_managerf5 big-ip local traffic managereq12.1.0
f5:big-ip_local_traffic_managerf5 big-ip local traffic managereq12.1.1
f5:big-ip_local_traffic_managerf5 big-ip local traffic managereq12.1.2

CPE	Name	Operator	Version
f5:big-ip_local_traffic_manager	f5 big-ip local traffic manager	eq	12.1.0
f5:big-ip_local_traffic_manager	f5 big-ip local traffic manager	eq	12.1.1
f5:big-ip_local_traffic_manager	f5 big-ip local traffic manager	eq	12.1.2

CNA Affected

[
  {
    "product": "F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, WebSafe",
    "vendor": "F5 Networks",
    "versions": [
      {
        "status": "affected",
        "version": "12.1.0 - 12.1.2"
      }
    ]
  }
]

References

www.securityfocus.com/bid/96471

www.securitytracker.com/id/1037964

support.f5.com/csp/article/K22216037

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

70.3%

JSON

Related for CVE-2016-9245

prion1 cvelist1 f51 nessus1 nvd1 openvas1