Lucene search

F5SOL29154575

HistoryMay 13, 2016 - 12:00 a.m.

SOL29154575 - ImageMagick vulnerability CVE-2016-3717

2016-05-1300:00:00

support.f5.com

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.971 High

EPSS

Percentile

99.7%

JSON

Vulnerability Recommended Actions

If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in theVersions known to be not vulnerable column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.

BIG-IP/BIG-IQ/Enterprise Manager

To mitigate this vulnerability, you can disable the vulnerable ImageMagick coders in the global policy file**/etc/ImageMagick/policy.xml**. To do so, perform the following procedure:

Impact of action: Performing the following procedure should not have a negative impact on your system.

Log in to the command line of the affected system.
Back up the ImageMagickglobal policy file by typing the following command:

cp -p /etc/ImageMagick/policy.xml /var/tmp/policy.xml.sol29154575

Edit the ImageMagickglobal policy file using a text editor of your choice, for example vi.
Include the vulnerable ImageMagickcoders in the policymap stanza. For example, if theLABELcoder is vulnerable, you would include the following line in thepolicymap stanza:

Since the vulnerable coder listed in CVE-2016-3717 is LABEL, the modified policymap stanza should look similar to the following example:

Save the changes and exit the text editor.

Supplemental Information

SOL9970: Subscribing to email notifications regarding F5 products
SOL9957: Creating a custom RSS feed to view new and updated documents
SOL4602: Overview of the F5 security vulnerability response policy
SOL4918: Overview of the F5 critical issue hotfix policy
SOL03151140: ImageMagick vulnerability CVE-2016-3714
SOL10550253: ImageMagick vulnerability CVE-2016-3715
SOL25102203: ImageMagick vulnerability CVE-2016-3716
SOL61974123: ImageMagick vulnerability CVE-2016-3718
The Accelerating Images with Image Optimization chapter of the BIG-IP Acceleration: Implementations guide

Note: For information about how to locate F5 product guides, refer to SOL12453464: Finding product documentation on AskF5.

CPENameOperatorVersion
big-iq securityle4.5.0
big-iq centralized managementle5.0.0
big-ip edge gatewayle11.3.0
big-iq cloud and orchestrationle1.0.0
big-ip webacceleratorle11.3.0
big-ip aamle12.1.1
big-iq cloudle4.5.0
big-iq devicele4.5.0
big-iq adcle4.5.0
enterprise managerle3.1.1

Name	Operator	Version
big-iq security	le	4.5.0
big-iq centralized management	le	5.0.0
big-ip edge gateway	le	11.3.0
big-iq cloud and orchestration	le	1.0.0
big-ip webaccelerator	le	11.3.0
big-ip aam	le	12.1.1
big-iq cloud	le	4.5.0
big-iq device	le	4.5.0
big-iq adc	le	4.5.0
enterprise manager	le	3.1.1