logo
DATABASE RESOURCES PRICING ABOUT US

GraphicsMagick vulnerability CVE-2016-5118

Description

F5 Product Development has assigned ID 596488 (BIG-IP), ID 591863 (BIG-IQ and F5 iWorkflow), and ID 591865 (Enterprise Manager) to this vulnerability. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table: Product| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature ---|---|---|---|--- BIG-IP LTM| None| 13.0.0 12.0.0 - 12.1.2 11.4.0 - 11.6.1 11.2.1 10.2.1 - 10.2.4| Not vulnerable| None BIG-IP AAM| 12.0.0 - 12.1.0 11.4.0 - 11.6.1| 13.0.0 12.1.1 - 12.1.2 11.6.1 HF1 11.5.4 HF2| Severe| WebAcceleration profile configured with Image Optimization BIG-IP AFM| None| 13.0.0 12.0.0 - 12.1.2 11.4.0 - 11.6.1| Not vulnerable| None BIG-IP Analytics| None| 13.0.0 12.0.0 - 12.1.2 11.4.0 - 11.6.1 11.2.1| Not vulnerable| None BIG-IP APM| None| 13.0.0 12.0.0 - 12.1.2 11.4.0 - 11.6.1 11.2.1 10.2.1 - 10.2.4| Not vulnerable| None BIG-IP ASM| None| 13.0.0 12.0.0 - 12.1.2 11.4.0 - 11.6.1 11.2.1 10.2.1 - 10.2.4| Not vulnerable| None BIG-IP DNS| None| 13.0.0 12.0.0 - 12.1.2| Not vulnerable| None BIG-IP Edge Gateway| 11.2.1| 11.2.1 HF16 10.2.1 - 10.2.4| Severe| WebAcceleration profile configured with Image Optimization BIG-IP GTM| None| 11.4.0 - 11.6.1 11.2.1 10.2.1 - 10.2.4| Not vulnerable| None BIG-IP Link Controller| None| 13.0.0 12.0.0 - 12.1.2 11.4.0 - 11.6.1 11.2.1 10.2.1 - 10.2.4| Not vulnerable| None BIG-IP PEM| None| 13.0.0 12.0.0 - 12.1.2 11.4.0 - 11.6.1| Not vulnerable| None BIG-IP PSM| None| 11.4.0 - 11.4.1 10.2.1 - 10.2.4| Not vulnerable| None BIG-IP WebAccelerator| 11.2.1| 11.2.1 HF16 10.2.1 - 10.2.4| Severe| WebAcceleration profile configured with Image Optimization BIG-IP WOM| None| 11.2.1 10.2.1 - 10.2.4| Not vulnerable| None ARX| None| 6.2.0 - 6.4.0| Not vulnerable| None Enterprise Manager| 3.1.1| None| Low| ImageMagick FirePass| None| 7.0.0| Not vulnerable| None BIG-IQ Cloud| 4.0.0 - 4.5.0| None| Low| ImageMagick BIG-IQ Device| 4.2.0 - 4.5.0| None| Low| ImageMagick BIG-IQ Security| 4.0.0 - 4.5.0| None| Low| ImageMagick BIG-IQ ADC| 4.5.0| None| Low| ImageMagick BIG-IQ Centralized Management| 5.0.0| None| Low| ImageMagick BIG-IQ Cloud and Orchestration| 1.0.0| None| Low| ImageMagick F5 iWorkflow| 2.0.0| None| Low| ImageMagick LineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None F5 MobileSafe| None| 1.0.0| Not vulnerable| None F5 WebSafe| None| 1.0.0| Not vulnerable| None Traffix SDC| None| 5.0.0 4.0.0 - 4.4.0| Not vulnerable| None If you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists. Mitigation To mitigate this vulnerability, you can disable Image Optimization in the WebAcceleration profile. * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>) * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>) * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>) * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>) * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>) * [K13123: Managing BIG-IP product hotfixes (11.x - 12.x)](<https://support.f5.com/csp/article/K13123>) * [K10025: Managing BIG-IP product hotfixes (10.x)](<https://support.f5.com/csp/article/K10025>) * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>) * [K15106: Managing BIG-IQ product hotfixes](<https://support.f5.com/csp/article/K15106>) * [K15113: BIG-IQ hotfix matrix](<https://support.f5.com/csp/article/K15113>)


Related