CVE-2017-6134

Published Dec 21, 2017
Last updated 7 years ago
CVSS medium 6.5
Overview

Description: In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, 12.1.0 - 12.1.2 and 11.5.1 - 11.6.1, an undisclosed sequence of packets, sourced from an adjacent network may cause TMM to crash.
Source: f5sirt@f5.com
NVD status: Modified
Risk scores

CVSS 3.0

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 3.3
Impact score: 2.9
Exploitability score: 6.5
Vector string: AV:A/AC:L/Au:N/C:N/I:N/A:P
Weaknesses

nvd@nist.gov: CWE-20
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "993AD7D2-DBC5-40B6-9CBE-1BA9590FCCC4",
            "versionEndIncluding": "11.6.1",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48AEF668-8ABE-4A09-B45B-AB30B7A6464B",
            "versionEndIncluding": "12.1.2",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA7D64DC-7271-4617-BD46-99C8246779CA"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E8D6DC6-FE8D-4C73-930B-99E2B3FB18ED",
            "versionEndIncluding": "11.6.1",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CAB3D2D-F589-41AB-A68A-8AFA8760E394",
            "versionEndIncluding": "12.1.2",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13EDBCE3-05FD-4B5B-926B-0B5B18199083",
            "versionEndIncluding": "11.6.1",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3C3362F-1251-4E7B-B8CB-BBE7344A915E",
            "versionEndIncluding": "12.1.2",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C4E5F36-434B-48E1-9715-4EEC22FB23D1"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B62C49F2-DAAD-467A-B27C-20E2A014787B",
            "versionEndIncluding": "11.6.1",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7E33F47-378B-4077-AA3E-6EBED04D3609",
            "versionEndIncluding": "12.1.2",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34D75E7F-B65F-421D-92EE-6B20756019C2"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83DC910C-4396-4945-8635-E9C8038BE872",
            "versionEndIncluding": "11.6.1",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6A76187-6118-4A9D-9F7C-0C9D3931BF42",
            "versionEndIncluding": "12.1.2",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCF89E7C-806E-4800-BAA9-0225433B6C56"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EAB57533-B744-4A2F-8AE0-7D8037CBA70D",
            "versionEndIncluding": "11.6.1",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE82B01E-278D-40DB-9CD5-D69F863A97CD",
            "versionEndIncluding": "12.1.2",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7569977A-E567-4115-B00C-4B0CBA86582E"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65F88F93-D566-44FC-969D-B11C51B4261E",
            "versionEndIncluding": "11.6.1",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_dns:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D90D84D6-E4EF-4686-A7D9-52FF577251D8",
            "versionEndIncluding": "12.1.2",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_dns:13.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93674162-3A63-4F05-B68F-B7D54B0AAE98"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F5F1D95-D705-4715-B844-52E8ECBB266D",
            "versionEndIncluding": "11.6.1",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "528457E0-A8CA-454B-AC01-C55630E2FA49",
            "versionEndIncluding": "12.1.2",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3914B25C-4E86-4C00-A199-4C9A99BA2EC4"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC21461D-B2B2-4FD2-B24F-DCAF525847EF",
            "versionEndIncluding": "11.6.1",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8AE206C-8F30-4C1A-9823-BAF2052EF065",
            "versionEndIncluding": "12.1.2",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2C4414E-8016-48B5-8CC3-F97FF2D85922"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C73A1C36-0F0F-4EDD-99C6-321F9367FF70",
            "versionEndIncluding": "11.6.1",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91F8E790-6C3C-476D-B403-4F13CEF0BA7A",
            "versionEndIncluding": "12.1.2",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42821916-E601-4831-B37B-3202ACF2C562"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E27FFA2-D2AC-4838-A4C6-58964794977C",
            "versionEndIncluding": "11.6.1",
            "versionStartIncluding": "11.5.1"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48B5CC4A-32F1-474A-A89B-A6C7E56513D7",
            "versionEndIncluding": "12.1.2",
            "versionStartIncluding": "12.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2E56D76-1A89-46AB-9C17-CB24662FFDE7"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
