K05263202 : BIG-IP IPsec tunnel endpoint vulnerability CVE-2017-6156

2018-04-1200:00:00

my.f5.com

0.001 Low

EPSS

Percentile

49.8%

JSON

Security Advisory Description

When the BIG-IP system is configured with a wildcard IPsec tunnel endpoint, it may allow a remote attacker to disrupt or impersonate the tunnels that have completed phase 1 IPsec negotiations. The attacker must possess the necessary credentials to negotiate the phase 1 of the IPsec exchange to exploit this vulnerability; in many environments, this limits the attack surface to other endpoints under the same administration. (CVE-2017-6156)

Impact

A remote attacker may be able to disrupt or impersonate the tunnels that have completed phase 1 IPsec negotiations.

CPENameOperatorVersion
big-iq centralized managementeq4.6.0
big-iq centralized managementeq5.0.0
big-iq centralized managementeq5.1.0
big-iq centralized managementeq5.2.0
big-iq centralized managementeq5.3.0
big-iq centralized managementeq5.4.0
big-ip afmeq11.5.1
big-ip afmeq11.5.2
big-ip afmeq11.5.3
big-ip afmeq11.5.4

Name	Operator	Version
big-iq centralized management	eq	4.6.0
big-iq centralized management	eq	5.0.0
big-iq centralized management	eq	5.1.0
big-iq centralized management	eq	5.2.0
big-iq centralized management	eq	5.3.0
big-iq centralized management	eq	5.4.0
big-ip afm	eq	11.5.1
big-ip afm	eq	11.5.2
big-ip afm	eq	11.5.3
big-ip afm	eq	11.5.4

Rows per page:

1-10 of 1751

0.001 Low

EPSS

Percentile

49.8%

JSON

Related for F5:K05263202