CVE-2016-5700
Published Oct 3, 2016
Last updated 8 years ago
Overview
- Description
- Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2, when configured with the HTTP Explicit Proxy functionality or SOCKS profile, allow remote attackers to modify the system configuration, read system files, and possibly execute arbitrary code via unspecified vectors.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-284
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B6EA0C0-9C26-4A87-98F1-5B317D606ECB"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D379372-A226-4230-B1F3-04C696518BD8"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22FAC35D-2803-49B0-9382-F14594B88FC5"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C72257B-FF99-4707-A0E3-316D538B1CF6"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18CFA52E-F9D7-40C3-9DB5-CDD5767E1F0D"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1EA4F45-35F7-4687-8D1A-A5ACD846500A"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64273A2C-E5A1-4605-92DD-EBECC7F051D5"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5D27D4A-BD5C-4FA9-AA72-F7956298DE06"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "12F86EB5-D581-4103-A802-44D968BA8D55"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36F383ED-8CB5-400D-BFDB-BD5B8CD8C7AE"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6203A11-82C3-4ABA-94E9-085BFF1A0E4C"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "06224D59-35F8-4168-80C5-CF5B17E99050"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2B502F2-404C-463B-B6BE-87489DC881F9"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A82C7B1C-E195-4D94-B604-78FB464C4F81"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "228D5DA1-C78A-4E05-997A-50F6C1B59593"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:11.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "452C59B8-230D-4FC0-B76D-FA6E381E3713"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:12.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2EE1EEA6-1E25-4A90-91A1-386D19808557"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_websafe:12.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16A05340-0AE2-49CA-903F-44383421577E"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "13E6D2CA-CC4F-4317-A842-4DF0693B0CB6"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB017D7A-3290-4EF5-9647-B488771A5F32"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F316C54-FAE4-48D8-9E40-ED358C30BF24"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AC0F5FD3-45E7-4D55-A3AC-6572FC0682D0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "56BAC4C7-AB42-4BBD-98B5-0AE8B032CCC7"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5CDEC701-DAB3-4D92-AA67-B886E6693E46"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C641B4F-DCFF-4A1B-9E00-EDF18A270241"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BBBB6E7C-DA1A-479F-9DD2-DE0C3CA82E92"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E3D8A24-0B8D-432B-8F06-D0E1642E7C1C"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A4489382-0668-4CFB-BA89-D54762937CEE"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9850D0AA-B173-47B2-9B69-75E6D1FAF490"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "281D0B5B-27DF-4E8A-AFC9-D09468F8ECDF"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40994EB4-4D31-4697-964D-1F0B09864DF2"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5B40837-EC2B-41FB-ACC3-806054EAF28C"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "48BE0210-7058-462A-BA17-845D3E4F52FA"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ECA90FB8-E2CD-400F-B753-1B482E7FAC96"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1C0312FC-8178-46DE-B4EE-00F2895073BA"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC6C5628-14FF-4D75-B62E-D4B2707C1E3D"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9E574F6-34B6-45A6-911D-E5347DA22F69"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BCF94129-8779-4D68-8DD4-B828CA633746"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA2E88AA-0523-48D0-8664-6AFDBCB6C940"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E33BCA5B-CE91-451C-9821-2023A9E461C1"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCD2044C-AC6F-4145-B1A0-8EB26DCF1F8C"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3755740D-F1DC-4910-ADDD-9D491515201C"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA244A7D-F65D-4114-81C8-CE811959EA10"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5EA9F72C-8344-4370-B511-31BEC8BA63E8"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96CF015E-C74B-4215-9103-8087BC1D12AB"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CFE4DB00-433D-414A-A1CE-E507B9BB809B"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B276E4DF-69FC-4158-B93A-781A45605034"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CBAB92C5-2D50-49CC-AECA-0D16BC44A788"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC827031-CA39-4081-8CE0-30EAC78DF756"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1AD2C1D2-103E-4B0F-84AA-999F01E695F0"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "855E91A4-0A0C-4E5C-8019-FB513A793803"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCCC2092-E109-4FF6-9B85-6C9434269851"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8923BB93-96C1-417B-9172-4A81E731EBA2"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "274E34BF-82A5-4D9E-BC72-202193A47A5A"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "475F0EF8-42CB-4099-9C4A-390F946C4924"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "94DBCD7A-E4DA-4C08-87A4-960CF53A83E6"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2DB2118A-0F9C-4273-BB07-85FEA32C785B"
}
],
"operator": "OR"
}
]
}
]