Lucene search
F5F5:K02692210HistoryOct 26, 2017 - 12:00 a.m.
K02692210 : BIG-IP virtual server with HTTP Explicit Proxy and/or SOCKS vulnerability CVE-2017-6157
2017-10-2600:00:00
my.f5.com
125
Security Advisory Description
BIG-IP virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable to an unauthenticated, remote attack that allows modification of BIG-IP system configuration, extraction of sensitive system files, and/or possible remote command execution on the BIG-IP system. (CVE-2017-6157)
Note: This vulnerability covers the scenarios that were not addressed in K35520031: BIG-IP virtual server with HTTP Explicit Proxy and/or SOCKS vulnerability CVE-2016-5700.
F5 Technical Support has no additional information about this issue.
Impact
When this vulnerability is successfully exploited, a remote attacker may be able to modify the system configuration or extract sensitive system files.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.4.0 | |
| big-ip afm | eq | 11.4.1 | |
| big-ip afm | eq | 11.5.0 | |
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.5.4 | |
| big-ip afm | eq | 11.5.5 | |
| big-ip afm | eq | 11.6.0 | |
| big-ip afm | eq | 11.6.1 |
Related
nessus
nessus
cve
cve
CVE-2017-6157
2017-10-27 14:29:00
CVE-2016-5700
2016-10-03 16:09:13
cvelist
cvelist
CVE-2017-6157
2017-10-26 00:00:00
CVE-2016-5700
2016-10-03 16:00:00
nvd
nvd
CVE-2017-6157
2017-10-27 14:29:00
CVE-2016-5700
2016-10-03 16:09:13
f5
f5
K35520031 : BIG-IP virtual server with HTTP Explicit Proxy and/or SOCKS vulnerability CVE-2016-5700
2016-09-28 00:00:00
SOL35520031 - BIG-IP virtual server with HTTP Explicit Proxy and/or SOCKS vulnerability CVE-2016-5700
2016-09-28 00:00:00
SSL Intercept iApp HTTP Explicit Proxy vulnerability CVE-2017-0305
2017-04-05 22:46:00
openvas
openvas
prion
prion
Design/Logic Flaw
2016-10-03 16:09:00
Command injection
2017-10-27 14:29:00