Lucene search
F5F5:K43552605HistoryJan 06, 2016 - 12:00 a.m.
K43552605 : Out-of-bounds memory vulnerability with the BIG-IP APM system CVE-2015-8098
2016-01-0600:00:00
my.f5.com
8
Security Advisory Description
An out-of-bounds memory vulnerability may allow an unauthenticated BIG-IP APM user to cause a denial-of-service (DoS) or possibly perform remote code execution on a BIG-IP system when a remote desktop profile is assigned to a virtual server. (CVE-2015-8098).
For example, a remote desktop profile is assigned to a virtual server when either of the following options is enabled in the virtual server configuration:
- Application Tunnels (Java & Per-App VPN)
- VDI profile
Impact
An unauthenticated remote attacker may be able to cause a denial-of-service (DoS) or perform remote code execution on an affected BIG-IP APM device.
Note: This vulnerability was identified during internal code audit, and there are no known exploits at this time.
| CPE | Name | Operator | Version |
|---|---|---|---|
| f5 websafe | eq | 1.0.0 | |
| big-ip afm | eq | 11.3.0 | |
| big-ip afm | eq | 11.4.0 | |
| big-ip afm | eq | 11.4.1 | |
| big-ip afm | eq | 11.5.0 | |
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.10 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.5.4 |
Related
openvas
openvas
cvelist
cvelist
CVE-2015-8098
2016-01-12 19:00:00
nvd
nvd
CVE-2015-8098
2016-01-12 19:59:08
nessus
nessus
f5
f5
cve
cve
CVE-2015-8098
2016-01-12 19:59:08
prion
prion
Out-of-bounds
2016-01-12 19:59:00