Insufficient boundary checks on the request URL may cause the tmm process to assert when the user is redirected back to the original request URL following successful authentication to the BIG-IP APM system. (CVE-2017-0302)
Impact
An authenticated user with an established access session to the BIG-IP APM system may be able to cause a traffic disruption if the length of the requested URL is less than 16 characters.
CPE | Name | Operator | Version |
---|---|---|---|
big-ip afm | eq | 11.4.0 | |
big-ip afm | eq | 11.4.1 | |
big-ip afm | eq | 11.5.0 | |
big-ip afm | eq | 11.5.1 | |
big-ip afm | eq | 11.5.2 | |
big-ip afm | eq | 11.5.3 | |
big-ip afm | eq | 11.5.4 | |
big-ip afm | eq | 11.6.0 | |
big-ip afm | eq | 11.6.1 | |
big-ip afm | eq | 12.0.0 |