Search...

CVE-2017-6153

2018-06-01T14:29:00

ID CVE-2017-6153
Type cve
Reporter cve@mitre.org
Modified 2019-10-03T00:03:00

Description

Features in F5 BIG-IP 13.0.0-13.1.0.3, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 system that utilizes inflate functionality directly, via an iRule, or via the inflate code from PEM module are subjected to a service disruption via a "Zip Bomb" attack.

JSON Vulners Source

Initial Source

{"id": "CVE-2017-6153", "bulletinFamily": "NVD", "title": "CVE-2017-6153", "description": "Features in F5 BIG-IP 13.0.0-13.1.0.3, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 system that utilizes inflate functionality directly, via an iRule, or via the inflate code from PEM module are subjected to a service disruption via a \"Zip Bomb\" attack.", "published": "2018-06-01T14:29:00", "modified": "2019-10-03T00:03:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6153", "reporter": "cve@mitre.org", "references": ["http://www.securitytracker.com/id/1041024", "https://support.f5.com/csp/article/K52167636"], "cvelist": ["CVE-2017-6153"], "type": "cve", "lastseen": "2020-12-09T20:13:34", "edition": 6, "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["F5:K52167636"]}, {"type": "nessus", "idList": ["F5_BIGIP_SOL52167636.NASL"]}], "modified": "2020-12-09T20:13:34", "rev": 2}, "score": {"value": 3.2, "vector": "NONE", "modified": "2020-12-09T20:13:34", "rev": 2}, "vulnersScore": 3.2}, "cpe": ["cpe:/a:f5:big-ip_access_policy_manager:13.0.0", "cpe:/a:f5:big-ip_advanced_firewall_manager:11.5.5", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.3", "cpe:/a:f5:big-ip_domain_name_system:13.1.0", "cpe:/a:f5:big-ip_webaccelerator:13.1.0", "cpe:/a:f5:big-ip_policy_enforcement_manager:11.2.1", "cpe:/a:f5:big-ip_webaccelerator:11.6.3", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.3", "cpe:/a:f5:big-ip_application_security_manager:11.2.1", "cpe:/a:f5:big-ip_analytics:12.1.3", "cpe:/a:f5:big-ip_edge_gateway:12.1.3", "cpe:/a:f5:big-ip_analytics:11.6.3", "cpe:/a:f5:big-ip_policy_enforcement_manager:13.0.0", "cpe:/a:f5:big-ip_application_acceleration_manager:11.6.3", "cpe:/a:f5:big-ip_application_security_manager:12.1.3", "cpe:/a:f5:big-ip_webaccelerator:11.2.1", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.3", "cpe:/a:f5:big-ip_domain_name_system:12.1.3", "cpe:/a:f5:big-ip_application_security_manager:13.1.0", "cpe:/a:f5:big-ip_global_traffic_manager:11.2.1", "cpe:/a:f5:big-ip_edge_gateway:11.5.5", "cpe:/a:f5:big-ip_webaccelerator:12.1.3", "cpe:/a:f5:big-ip_advanced_firewall_manager:13.0.0", "cpe:/a:f5:big-ip_policy_enforcement_manager:13.1.0", "cpe:/a:f5:big-ip_local_traffic_manager:11.6.3", "cpe:/a:f5:big-ip_application_acceleration_manager:13.0.0", "cpe:/a:f5:big-ip_analytics:11.5.5", "cpe:/a:f5:big-ip_analytics:11.2.1", "cpe:/a:f5:big-ip_advanced_firewall_manager:11.6.3", "cpe:/a:f5:big-ip_domain_name_system:11.2.1", "cpe:/a:f5:big-ip_advanced_firewall_manager:11.2.1", "cpe:/a:f5:big-ip_domain_name_system:13.0.0", "cpe:/a:f5:big-ip_advanced_firewall_manager:13.1.0", "cpe:/a:f5:big-ip_access_policy_manager:11.2.1", "cpe:/a:f5:big-ip_access_policy_manager:11.6.3", "cpe:/a:f5:big-ip_local_traffic_manager:11.5.5", "cpe:/a:f5:big-ip_fraud_protection_service:12.1.3", "cpe:/a:f5:big-ip_fraud_protection_service:13.1.0", "cpe:/a:f5:big-ip_global_traffic_manager:13.0.0", "cpe:/a:f5:big-ip_domain_name_system:11.5.5", "cpe:/a:f5:big-ip_edge_gateway:13.0.0", "cpe:/a:f5:big-ip_link_controller:11.2.1", "cpe:/a:f5:big-ip_analytics:13.0.0", "cpe:/a:f5:big-ip_webaccelerator:11.5.5", "cpe:/a:f5:big-ip_local_traffic_manager:13.1.0", "cpe:/a:f5:big-ip_link_controller:11.5.5", "cpe:/a:f5:big-ip_link_controller:13.1.0", "cpe:/a:f5:big-ip_local_traffic_manager:11.2.1", "cpe:/a:f5:big-ip_access_policy_manager:13.1.0", "cpe:/a:f5:big-ip_fraud_protection_service:11.2.1", "cpe:/a:f5:big-ip_link_controller:11.6.3", "cpe:/a:f5:big-ip_edge_gateway:11.2.1", "cpe:/a:f5:big-ip_application_acceleration_manager:11.2.1", "cpe:/a:f5:big-ip_link_controller:12.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.3", "cpe:/a:f5:big-ip_global_traffic_manager:11.6.3", "cpe:/a:f5:big-ip_application_acceleration_manager:13.1.0", "cpe:/a:f5:big-ip_analytics:13.1.0", "cpe:/a:f5:big-ip_application_security_manager:11.5.5", "cpe:/a:f5:big-ip_local_traffic_manager:13.0.0", "cpe:/a:f5:big-ip_link_controller:13.0.0", "cpe:/a:f5:big-ip_application_acceleration_manager:11.5.5", "cpe:/a:f5:big-ip_webaccelerator:13.0.0", "cpe:/a:f5:big-ip_domain_name_system:11.6.3", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.3", "cpe:/a:f5:big-ip_access_policy_manager:11.5.5", "cpe:/a:f5:big-ip_global_traffic_manager:13.1.0", "cpe:/a:f5:big-ip_application_security_manager:13.0.0", "cpe:/a:f5:big-ip_policy_enforcement_manager:11.6.3", "cpe:/a:f5:big-ip_edge_gateway:11.6.3", "cpe:/a:f5:big-ip_policy_enforcement_manager:11.5.5", "cpe:/a:f5:big-ip_application_security_manager:11.6.3", "cpe:/a:f5:big-ip_fraud_protection_service:11.5.5", "cpe:/a:f5:big-ip_fraud_protection_service:11.6.3", "cpe:/a:f5:big-ip_global_traffic_manager:11.5.5", "cpe:/a:f5:big-ip_edge_gateway:13.1.0", "cpe:/a:f5:big-ip_access_policy_manager:12.1.3", "cpe:/a:f5:big-ip_fraud_protection_service:13.0.0"], "affectedSoftware": [{"cpeName": "f5:big-ip_webaccelerator", "name": "f5 big-ip webaccelerator", "operator": "eq", "version": "11.2.1"}, {"cpeName": "f5:big-ip_webaccelerator", "name": "f5 big-ip webaccelerator", "operator": "eq", "version": "13.0.0"}, {"cpeName": "f5:big-ip_access_policy_manager", "name": "f5 big-ip access policy manager", "operator": "eq", "version": "13.0.0"}, {"cpeName": "f5:big-ip_global_traffic_manager", "name": "f5 big-ip global traffic manager", "operator": "le", "version": "11.6.3"}, {"cpeName": "f5:big-ip_access_policy_manager", "name": "f5 big-ip access policy manager", "operator": "eq", "version": "11.2.1"}, {"cpeName": "f5:big-ip_domain_name_system", "name": "f5 big-ip domain name system", "operator": "le", "version": "11.6.3"}, {"cpeName": "f5:big-ip_local_traffic_manager", "name": "f5 big-ip local traffic manager", "operator": "eq", "version": "13.0.0"}, {"cpeName": "f5:big-ip_fraud_protection_service", "name": "f5 big-ip fraud protection service", "operator": "eq", "version": "11.2.1"}, {"cpeName": "f5:big-ip_fraud_protection_service", "name": "f5 big-ip fraud protection service", "operator": "eq", "version": "13.0.0"}, {"cpeName": "f5:big-ip_edge_gateway", "name": "f5 big-ip edge gateway", "operator": "eq", "version": "13.1.0"}, {"cpeName": "f5:big-ip_fraud_protection_service", "name": "f5 big-ip fraud protection service", "operator": "le", "version": "12.1.3"}, {"cpeName": "f5:big-ip_application_acceleration_manager", "name": "f5 big-ip application acceleration manager", "operator": "eq", "version": "13.0.0"}, {"cpeName": "f5:big-ip_application_acceleration_manager", "name": "f5 big-ip application acceleration manager", "operator": "le", "version": "12.1.3"}, {"cpeName": "f5:big-ip_fraud_protection_service", "name": "f5 big-ip fraud protection service", "operator": "eq", "version": "13.1.0"}, {"cpeName": "f5:big-ip_application_security_manager", "name": "f5 big-ip application security manager", "operator": "eq", "version": "13.1.0"}, {"cpeName": "f5:big-ip_application_security_manager", "name": "f5 big-ip application security manager", "operator": "le", "version": "12.1.3"}, {"cpeName": "f5:big-ip_global_traffic_manager", "name": "f5 big-ip global traffic manager", "operator": "le", "version": "11.5.5"}, {"cpeName": "f5:big-ip_application_security_manager", "name": "f5 big-ip application security manager", "operator": "le", "version": "11.6.3"}, {"cpeName": "f5:big-ip_policy_enforcement_manager", "name": "f5 big-ip policy enforcement manager", "operator": "le", "version": "11.5.5"}, {"cpeName": "f5:big-ip_domain_name_system", "name": "f5 big-ip domain name system", "operator": "eq", "version": "13.0.0"}, {"cpeName": "f5:big-ip_global_traffic_manager", "name": "f5 big-ip global traffic manager", "operator": "le", "version": "12.1.3"}, {"cpeName": "f5:big-ip_advanced_firewall_manager", "name": "f5 big-ip advanced firewall manager", "operator": "eq", "version": "11.2.1"}, {"cpeName": "f5:big-ip_policy_enforcement_manager", "name": "f5 big-ip policy enforcement manager", "operator": "eq", "version": "13.0.0"}, {"cpeName": "f5:big-ip_application_security_manager", "name": "f5 big-ip application security manager", "operator": "eq", "version": "13.0.0"}, {"cpeName": "f5:big-ip_webaccelerator", "name": "f5 big-ip webaccelerator", "operator": "le", "version": "12.1.3"}, {"cpeName": "f5:big-ip_advanced_firewall_manager", "name": "f5 big-ip advanced firewall manager", "operator": "le", "version": "12.1.3"}, {"cpeName": "f5:big-ip_webaccelerator", "name": "f5 big-ip webaccelerator", "operator": "eq", "version": "13.1.0"}, {"cpeName": "f5:big-ip_application_security_manager", "name": "f5 big-ip application security manager", "operator": "eq", "version": "11.2.1"}, {"cpeName": "f5:big-ip_domain_name_system", "name": "f5 big-ip domain name system", "operator": "eq", "version": "13.1.0"}, {"cpeName": "f5:big-ip_link_controller", "name": "f5 big-ip link controller", "operator": "eq", "version": "11.2.1"}, {"cpeName": "f5:big-ip_local_traffic_manager", "name": "f5 big-ip local traffic manager", "operator": "eq", "version": "13.1.0"}, {"cpeName": "f5:big-ip_access_policy_manager", "name": "f5 big-ip access policy manager", "operator": "le", "version": "12.1.3"}, {"cpeName": "f5:big-ip_webaccelerator", "name": "f5 big-ip webaccelerator", "operator": "le", "version": "11.5.5"}, {"cpeName": "f5:big-ip_application_security_manager", "name": "f5 big-ip application security manager", "operator": "le", "version": "11.5.5"}, {"cpeName": "f5:big-ip_analytics", "name": "f5 big-ip analytics", "operator": "eq", "version": "13.1.0"}, {"cpeName": "f5:big-ip_link_controller", "name": "f5 big-ip link controller", "operator": "eq", "version": "13.1.0"}, {"cpeName": "f5:big-ip_link_controller", "name": "f5 big-ip link controller", "operator": "le", "version": "11.5.5"}, {"cpeName": "f5:big-ip_local_traffic_manager", "name": "f5 big-ip local traffic manager", "operator": "eq", "version": "11.2.1"}, {"cpeName": "f5:big-ip_link_controller", "name": "f5 big-ip link controller", "operator": "le", "version": "12.1.3"}, {"cpeName": "f5:big-ip_edge_gateway", "name": "f5 big-ip edge gateway", "operator": "eq", "version": "13.0.0"}, {"cpeName": "f5:big-ip_local_traffic_manager", "name": "f5 big-ip local traffic manager", "operator": "le", "version": "11.6.3"}, {"cpeName": "f5:big-ip_access_policy_manager", "name": "f5 big-ip access policy manager", "operator": "le", "version": "11.6.3"}, {"cpeName": "f5:big-ip_advanced_firewall_manager", "name": "f5 big-ip advanced firewall manager", "operator": "eq", "version": "13.1.0"}, {"cpeName": "f5:big-ip_domain_name_system", "name": "f5 big-ip domain name system", "operator": "le", "version": "11.5.5"}, {"cpeName": "f5:big-ip_edge_gateway", "name": "f5 big-ip edge gateway", "operator": "eq", "version": "11.2.1"}, {"cpeName": "f5:big-ip_analytics", "name": "f5 big-ip analytics", "operator": "eq", "version": "11.2.1"}, {"cpeName": "f5:big-ip_analytics", "name": "f5 big-ip analytics", "operator": "eq", "version": "13.0.0"}, {"cpeName": "f5:big-ip_access_policy_manager", "name": "f5 big-ip access policy manager", "operator": "eq", "version": "13.1.0"}, {"cpeName": "f5:big-ip_advanced_firewall_manager", "name": "f5 big-ip advanced firewall manager", "operator": "le", "version": "11.5.5"}, {"cpeName": "f5:big-ip_edge_gateway", "name": "f5 big-ip edge gateway", "operator": "le", "version": "12.1.3"}, {"cpeName": "f5:big-ip_policy_enforcement_manager", "name": "f5 big-ip policy enforcement manager", "operator": "le", "version": "11.6.3"}, {"cpeName": "f5:big-ip_analytics", "name": "f5 big-ip analytics", "operator": "le", "version": "12.1.3"}, {"cpeName": "f5:big-ip_fraud_protection_service", "name": "f5 big-ip fraud protection service", "operator": "le", "version": "11.6.3"}, {"cpeName": "f5:big-ip_analytics", "name": "f5 big-ip analytics", "operator": "le", "version": "11.6.3"}, {"cpeName": "f5:big-ip_domain_name_system", "name": "f5 big-ip domain name system", "operator": "le", "version": "12.1.3"}, {"cpeName": "f5:big-ip_fraud_protection_service", "name": "f5 big-ip fraud protection service", "operator": "le", "version": "11.5.5"}, {"cpeName": "f5:big-ip_local_traffic_manager", "name": "f5 big-ip local traffic manager", "operator": "le", "version": "12.1.3"}, {"cpeName": "f5:big-ip_policy_enforcement_manager", "name": "f5 big-ip policy enforcement manager", "operator": "le", "version": "12.1.3"}, {"cpeName": "f5:big-ip_policy_enforcement_manager", "name": "f5 big-ip policy enforcement manager", "operator": "eq", "version": "13.1.0"}, {"cpeName": "f5:big-ip_application_acceleration_manager", "name": "f5 big-ip application acceleration manager", "operator": "eq", "version": "11.2.1"}, {"cpeName": "f5:big-ip_webaccelerator", "name": "f5 big-ip webaccelerator", "operator": "le", "version": "11.6.3"}, {"cpeName": "f5:big-ip_edge_gateway", "name": "f5 big-ip edge gateway", "operator": "le", "version": "11.6.3"}, {"cpeName": "f5:big-ip_policy_enforcement_manager", "name": "f5 big-ip policy enforcement manager", "operator": "eq", "version": "11.2.1"}, {"cpeName": "f5:big-ip_application_acceleration_manager", "name": "f5 big-ip application acceleration manager", "operator": "eq", "version": "13.1.0"}, {"cpeName": "f5:big-ip_analytics", "name": "f5 big-ip analytics", "operator": "le", "version": "11.5.5"}, {"cpeName": "f5:big-ip_application_acceleration_manager", "name": "f5 big-ip application acceleration manager", "operator": "le", "version": "11.5.5"}, {"cpeName": "f5:big-ip_access_policy_manager", "name": "f5 big-ip access policy manager", "operator": "le", "version": "11.5.5"}, {"cpeName": "f5:big-ip_global_traffic_manager", "name": "f5 big-ip global traffic manager", "operator": "eq", "version": "13.0.0"}, {"cpeName": "f5:big-ip_link_controller", "name": "f5 big-ip link controller", "operator": "eq", "version": "13.0.0"}, {"cpeName": "f5:big-ip_domain_name_system", "name": "f5 big-ip domain name system", "operator": "eq", "version": "11.2.1"}, {"cpeName": "f5:big-ip_application_acceleration_manager", "name": "f5 big-ip application acceleration manager", "operator": "le", "version": "11.6.3"}, {"cpeName": "f5:big-ip_advanced_firewall_manager", "name": "f5 big-ip advanced firewall manager", "operator": "le", "version": "11.6.3"}, {"cpeName": "f5:big-ip_advanced_firewall_manager", "name": "f5 big-ip advanced firewall manager", "operator": "eq", "version": "13.0.0"}, {"cpeName": "f5:big-ip_local_traffic_manager", "name": "f5 big-ip local traffic manager", "operator": "le", "version": "11.5.5"}, {"cpeName": "f5:big-ip_edge_gateway", "name": "f5 big-ip edge gateway", "operator": "le", "version": "11.5.5"}, {"cpeName": "f5:big-ip_global_traffic_manager", "name": "f5 big-ip global traffic manager", "operator": "eq", "version": "13.1.0"}, {"cpeName": "f5:big-ip_global_traffic_manager", "name": "f5 big-ip global traffic manager", "operator": "eq", "version": "11.2.1"}, {"cpeName": "f5:big-ip_link_controller", "name": "f5 big-ip link controller", "operator": "le", "version": "11.6.3"}], "cvss2": {"acInsufInfo": true, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, "cpe23": ["cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_webaccelerator:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_webaccelerator:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_edge_gateway:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_edge_gateway:11.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:11.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:11.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:11.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_edge_gateway:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_edge_gateway:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_edge_gateway:13.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_webaccelerator:11.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_webaccelerator:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:11.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_webaccelerator:13.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0:*:*:*:*:*:*:*"], "cwe": ["CWE-400"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.5:*:*:*:*:*:*:*", "versionEndIncluding": "11.5.5", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.3:*:*:*:*:*:*:*", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.3:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:13.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:11.6.3:*:*:*:*:*:*:*", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:11.5.5:*:*:*:*:*:*:*", "versionEndIncluding": "11.5.5", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:13.1.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:12.1.3:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.3:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.3:*:*:*:*:*:*:*", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.5:*:*:*:*:*:*:*", "versionEndIncluding": "11.5.5", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.2.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:11.6.3:*:*:*:*:*:*:*", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:11.5.5:*:*:*:*:*:*:*", "versionEndIncluding": "11.5.5", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:12.1.3:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:13.1.0:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:13.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:13.1.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:11.5.5:*:*:*:*:*:*:*", "versionEndIncluding": "11.5.5", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:11.6.3:*:*:*:*:*:*:*", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:12.1.3:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.3:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.5:*:*:*:*:*:*:*", "versionEndIncluding": "11.5.5", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.3:*:*:*:*:*:*:*", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.6.1", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.3:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:13.1.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:11.5.5:*:*:*:*:*:*:*", "versionEndIncluding": "11.5.5", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.3:*:*:*:*:*:*:*", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:11.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.3:*:*:*:*:*:*:*", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.5:*:*:*:*:*:*:*", "versionEndIncluding": "11.5.5", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.3:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.3:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.3:*:*:*:*:*:*:*", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.5:*:*:*:*:*:*:*", "versionEndIncluding": "11.5.5", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:13.1.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:12.1.3:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.6.3:*:*:*:*:*:*:*", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:11.5.5:*:*:*:*:*:*:*", "versionEndIncluding": "11.5.5", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.3:*:*:*:*:*:*:*", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.5.5:*:*:*:*:*:*:*", "versionEndIncluding": "11.5.5", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.1.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.3:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.2.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3:*:*:*:*:*:*:*", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.5:*:*:*:*:*:*:*", "versionEndIncluding": "11.5.5", "versionStartIncluding": "11.5.1", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.5:*:*:*:*:*:*:*", "versionEndIncluding": "11.5.5", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.3:*:*:*:*:*:*:*", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.6.1", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.3:*:*:*:*:*:*:*", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.0:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}}

{"f5": [{"lastseen": "2020-04-06T22:40:34", "bulletinFamily": "software", "cvelist": ["CVE-2017-6153"], "description": "\nF5 Product Development has assigned ID 676457 (BIG-IP) to this vulnerability. Additionally, [BIG-IP iHealth](<https://www.f5.com/services/support/support-offerings/big-ip-ihealth-diagnostic-tool>) may list Heuristic H52167636 on the **Diagnostics** > **Identified** > **Medium** screen.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) | 14.x | None | 14.0.0 | Medium | [5.3](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:F/RL:U/RC:C>) | TMM \n13.x | 13.0.0 - 13.1.0 | 13.1.0.4 \n12.x | 12.1.0 - 12.1.3 | 12.1.3.2 \n11.x | 11.6.1 - 11.6.3 \n11.5.1 - 11.5.5 \n11.2.1 | 11.6.3.2 \n11.5.6 \nARX | 6.x | None | Not applicable | Not vulnerable | None | None \nEnterprise Manager | 3.x | None | Not applicable | Not vulnerable | None | None \nBIG-IQ Centralized Management | 5.x | None | Not applicable | Not vulnerable | None | None \n4.x | None | Not applicable \nBIG-IQ Cloud and Orchestration | 1.x | None | Not applicable | Not vulnerable | None | None \nF5 iWorkflow | 2.x | None | Not applicable | Not vulnerable | None | None \nLineRate | 2.x | None | Not applicable | Not vulnerable | None | None \nTraffix SDC | 5.x | None | Not applicable | Not vulnerable | None | None \n4.x | None | Not applicable \n \n1 The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 13.x)](<https://support.f5.com/csp/article/K13123>)\n * [K48955220: Installing an OPSWAT Endpoint Security update on BIG-IP APM systems (11.4.x and later)](<https://support.f5.com/csp/article/K48955220>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "edition": 1, "modified": "2018-08-16T01:27:00", "published": "2018-05-31T07:45:00", "id": "F5:K52167636", "href": "https://support.f5.com/csp/article/K52167636", "title": "TMM vulnerability CVE-2017-6153", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2020-09-14T13:54:53", "description": "Features in the BIG-IP system that utilizeinflate functionality\ndirectly, via an iRule, or via the inflate code from PEM module are\nsubjected to a service disruption via a 'Zip Bomb'\nattack.(CVE-2017-6153)\n\nImpact\n\nBIG-IP systems deployed in Forward Proxy mode with the inflate\nfunctionality enabled are at greatest risk for this vulnerability.\nBIG-IP systems that are collecting and manually decompressing data by\nway of iRules (using HTTP::collect and DECOMPRESS/COMPRESS ) have\nadditional risk, as this situation may increase the likelihood of\nsuccessful exploitation. The control plane is not impacted by this\nissue; this issue isobserved on the data plane.", "edition": 11, "cvss3": {"score": 5.3, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "published": "2018-11-02T00:00:00", "title": "F5 Networks BIG-IP : TMM vulnerability (K52167636)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-6153"], "modified": "2018-11-02T00:00:00", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "id": "F5_BIGIP_SOL52167636.NASL", "href": "https://www.tenable.com/plugins/nessus/118675", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K52167636.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118675);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/09\");\n\n script_cve_id(\"CVE-2017-6153\");\n\n script_name(english:\"F5 Networks BIG-IP : TMM vulnerability (K52167636)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Features in the BIG-IP system that utilizeinflate functionality\ndirectly, via an iRule, or via the inflate code from PEM module are\nsubjected to a service disruption via a 'Zip Bomb'\nattack.(CVE-2017-6153)\n\nImpact\n\nBIG-IP systems deployed in Forward Proxy mode with the inflate\nfunctionality enabled are at greatest risk for this vulnerability.\nBIG-IP systems that are collecting and manually decompressing data by\nway of iRules (using HTTP::collect and DECOMPRESS/COMPRESS ) have\nadditional risk, as this situation may increase the likelihood of\nsuccessful exploitation. The control plane is not impacted by this\nissue; this issue isobserved on the data plane.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K52167636\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K52167636.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K52167636\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.1.0-12.1.3\",\"11.6.1-11.6.3\",\"11.5.1-11.5.5\",\"11.2.1\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.1.0.4\",\"12.1.3.2\",\"11.6.3.2\",\"11.5.6\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.1.0-12.1.3\",\"11.6.1-11.6.3\",\"11.5.1-11.5.5\",\"11.2.1\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.1.0.4\",\"12.1.3.2\",\"11.6.3.2\",\"11.5.6\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.1.0-12.1.3\",\"11.6.1-11.6.3\",\"11.5.1-11.5.5\",\"11.2.1\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.1.0.4\",\"12.1.3.2\",\"11.6.3.2\",\"11.5.6\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.1.0-12.1.3\",\"11.6.1-11.6.3\",\"11.5.1-11.5.5\",\"11.2.1\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.1.0.4\",\"12.1.3.2\",\"11.6.3.2\",\"11.5.6\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.1.0-12.1.3\",\"11.6.1-11.6.3\",\"11.5.1-11.5.5\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.1.0.4\",\"12.1.3.2\",\"11.6.3.2\",\"11.5.6\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.1.0-12.1.3\",\"11.6.1-11.6.3\",\"11.5.1-11.5.5\",\"11.2.1\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.1.0.4\",\"12.1.3.2\",\"11.6.3.2\",\"11.5.6\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.1.0-12.1.3\",\"11.6.1-11.6.3\",\"11.5.1-11.5.5\",\"11.2.1\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.1.0.4\",\"12.1.3.2\",\"11.6.3.2\",\"11.5.6\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.1.0-12.1.3\",\"11.6.1-11.6.3\",\"11.5.1-11.5.5\",\"11.2.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.1.0.4\",\"12.1.3.2\",\"11.6.3.2\",\"11.5.6\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.1.0-12.1.3\",\"11.6.1-11.6.3\",\"11.5.1-11.5.5\",\"11.2.1\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.1.0.4\",\"12.1.3.2\",\"11.6.3.2\",\"11.5.6\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"13.0.0-13.1.0\",\"12.1.0-12.1.3\",\"11.6.1-11.6.3\",\"11.5.1-11.5.5\",\"11.2.1\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"14.0.0\",\"13.1.0.4\",\"12.1.3.2\",\"11.6.3.2\",\"11.5.6\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}