K64743453 : NAT64 vulnerability CVE-2016-5745

2016-09-2800:00:00

my.f5.com

9.5 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.1%

JSON

Security Advisory Description

BIG-IP devices using NAT64 are vulnerable to an unauthenticated remote attack that may allow modification of the BIG-IP system configuration. (CVE-2016-5745)
F5 Technical Support has no additional information about this issue.
Impact
An unauthorized remote attack may allow modification or extraction of the BIG-IP system configuration files.
Note: This vulnerability was identified during an internal code audit, and there are no known exploits at this time.
CVSS v3.0 metrics for CVE-2016-5745
CVSS V3 score: 10.0 (base) / 8.7 (temporal)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Note: Due to details unique to CVE-2016-5745, we have included CVSS v3.0 metrics in this article. We have not included CVSS v3.0 metrics in Security Advisory articles published on AskF5 for other vulnerabilities.

CPENameOperatorVersion
big-ip afmeq11.4.0
big-ip afmeq11.4.1
big-ip afmeq11.5.0
big-ip afmeq11.5.1
big-ip afmeq11.5.2
big-ip afmeq11.5.3
big-ip afmeq11.5.4
big-ip afmeq11.6.0
big-ip afmeq11.6.1
big-ip afmeq12.0.0

Name	Operator	Version
big-ip afm	eq	11.4.0
big-ip afm	eq	11.4.1
big-ip afm	eq	11.5.0
big-ip afm	eq	11.5.1
big-ip afm	eq	11.5.2
big-ip afm	eq	11.5.3
big-ip afm	eq	11.5.4
big-ip afm	eq	11.6.0
big-ip afm	eq	11.6.1
big-ip afm	eq	12.0.0

Rows per page:

1-10 of 1951