K22317030: iControl REST vulnerability CVE-2017-6145

🗓️ 21 Feb 2023 18:48:23Reported by f5Type

f5🔗 my.f5.com👁 32 Views

iControl REST converts expired cookies to valid token

Reporter	Title	Published	Views	Family All 7
CNVD	Multiple F5 Product Access Privilege Vulnerabilities	23 Oct 201700:00	–	cnvd
CVE	CVE-2017-6145	20 Oct 201715:00	–	cve
Cvelist	CVE-2017-6145	20 Oct 201715:00	–	cvelist
EUVD	EUVD-2017-15210	7 Oct 202500:30	–	euvd
Tenable Nessus	F5 Networks BIG-IP : iControl REST vulnerability (K22317030)	13 Jul 201700:00	–	nessus
NVD	CVE-2017-6145	20 Oct 201715:29	–	nvd
Prion	Authorization	20 Oct 201715:29	–	prion

Vulners

Node

f5 big-ip_ltmMatch13.0.0

OR

f5 big-ip_ltmRange12.0.0–12.1.2

OR

f5 big-ip_aamMatch13.0.0

OR

f5 big-ip_aamRange12.0.0–12.1.2

OR

f5 big-ip_afmMatch13.0.0

OR

f5 big-ip_afmRange12.0.0–12.1.2

OR

f5 big-ip_analyticsMatch13.0.0

OR

f5 big-ip_analyticsRange12.0.0–12.1.2

OR

f5 big-ip_apmMatch13.0.0

OR

f5 big-ip_apmRange12.0.0–12.1.2

OR

f5 big-ip_asmMatch13.0.0

OR

f5 big-ip_asmRange12.0.0–12.1.2

OR

f5 big-ip_dnsMatch13.0.0

OR

f5 big-ip_dnsRange12.0.0–12.1.2

OR

f5 big-ip_link_controllerMatch13.0.0

OR

f5 big-ip_link_controllerRange12.0.0–12.1.2

OR

f5 big-ip_pemMatch13.0.0

OR

f5 big-ip_pemRange12.0.0–12.1.2

OR

f5 big-ip_websafeMatch13.0.0

OR

f5 big-ip_websafeRange12.0.0–12.1.2

21 Feb 2023 18:48Current

7.7High risk

Vulners AI Score7.7

CVSS 37.3

CVSS 27.5

EPSS0.00365

icontrol rest expired cookies valid tokens authentication