Multiple Wireshark (tshark) vulnerabilities

2016-06-2500:41:00

support.f5.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.008 Low

EPSS

Percentile

78.9%

JSON

F5 Product Development has assigned ID 600847 (ARX) to this vulnerability.

To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:

Product	Versions known to be vulnerable	Versions known to be not vulnerable	Severity	Vulnerable component or feature
BIG-IP LTM	None	12.0.0 - 12.1.0
11.4.0 - 11.6.1
11.2.1
10.2.1 - 10.2.4	Not vulnerable	None
BIG-IP AAM	None	12.0.0 - 12.1.0
11.4.0 - 11.6.1	Not vulnerable	None
BIG-IP AFM	None	12.0.0 - 12.1.0
11.4.0 - 11.6.1	Not vulnerable	None
BIG-IP Analytics	None	12.0.0 - 12.1.0
11.4.0 - 11.6.1
11.2.1	Not vulnerable	None
BIG-IP APM	None	12.0.0 - 12.1.0
11.4.0 - 11.6.1
11.2.1
10.2.1 - 10.2.4	Not vulnerable	None
BIG-IP ASM	None	12.0.0 - 12.1.0
11.4.0 - 11.6.1
11.2.1
10.2.1 - 10.2.4	Not vulnerable	None
BIG-IP DNS	None	12.0.0 - 12.1.0	Not vulnerable	None
BIG-IP Edge Gateway	None	11.2.1
10.2.1 - 10.2.4	Not vulnerable	None
BIG-IP GTM	None	11.4.0 - 11.6.1
11.2.1
10.2.1 - 10.2.4	Not vulnerable	None
BIG-IP Link Controller	None	12.0.0 - 12.1.0
11.4.0 - 11.6.1
11.2.1
10.2.1 - 10.2.4	Not vulnerable	None
BIG-IP PEM	None	12.0.0 - 12.1.0
11.4.0 - 11.6.1	Not vulnerable	None
BIG-IP PSM	None	11.4.0 - 11.4.1
10.2.1 - 10.2.4	Not vulnerable	None
BIG-IP WebAccelerator	None	11.2.1
10.2.1 - 10.2.4	Not vulnerable	None
BIG-IP WOM	None	11.2.1
10.2.1 - 10.2.4	Not vulnerable	None
ARX	6.2.0 - 6.4.0	None	Low	Wireshark (tshark)
Enterprise Manager	None	3.1.1	Not vulnerable	None
FirePass	None	7.0.0	Not vulnerable	None
BIG-IQ Cloud	None	4.0.0 - 4.5.0	Not vulnerable	None
BIG-IQ Device	None	4.2.0 - 4.5.0	Not vulnerable	None
BIG-IQ Security	None	4.0.0 - 4.5.0	Not vulnerable	None
BIG-IQ ADC	None	4.5.0	Not vulnerable	None
BIG-IQ Centralized Management	None	5.0.0	Not vulnerable	None
BIG-IQ Cloud and Orchestration	None	1.0.0	Not vulnerable	None
F5 iWorkflow	None	2.0.0	Not vulnerable	None
LineRate	None	2.5.0 - 2.6.1	Not vulnerable	None
F5 MobileSafe	None	1.0.0	Not vulnerable	None
F5 WebSafe	None	1.0.0	Not vulnerable	None
Traffix SDC	None	5.0.0
4.0.0 - 4.4.0	Not vulnerable	None

If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in theVersions known to be not vulnerable column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.

To mitigate this vulnerability, you can refrain from running Wireshark (tshark) on the ARX system.