BDU:2017-02608

Published: 26 Oct 2017
Source: fstec
CVSS3: 7.5
CVSS2: 5
EPSS: Low

Description

A vulnerability in the SOCKS proxy server of the BIG-IP Websafe protection tool, the BIG-IP Policy Enforcement Manager network traffic control and management system, the BIG-IP Application Security Manager application protection tool, the BIG-IP Local Traffic Manager local traffic load-balancing system, the BIG-IP Link Controller internet traffic load-balancing system, the BIG-IP Application Acceleration Manager application delivery tool, the BIG-IP Advanced Firewall Manager firewall, and the BIG-IP Access Policy Manager access control and remote authentication tool is caused by errors in the cleanup mechanism. Exploitation of the vulnerability may allow a remote attacker to cause a denial of service.

Vendor

F5 Networks, Inc.

Software name

BIG-IP Advanced Firewall Manager
BIG-IP Application Acceleration Manager
BIG-IP Access Policy Manager
BIG-IP Application Security Manager
BIG-IP Policy Enforcement Manager
BIG-IP Link Controller
BIG-IP Local Traffic Manager
BIG-IP WebSafe

Software version

12.0.0 (BIG-IP Advanced Firewall Manager)
12.0.0 (BIG-IP Application Acceleration Manager)
12.0.0 (BIG-IP Access Policy Manager)
12.0.0 (BIG-IP Application Security Manager)
12.0.0 (BIG-IP Policy Enforcement Manager)
12.0.0 (BIG-IP Link Controller)
12.0.0 (BIG-IP Local Traffic Manager)
13.0.0 (BIG-IP Application Security Manager)
13.0.0 (BIG-IP Link Controller)
13.0.0 (BIG-IP Advanced Firewall Manager)
13.0.0 (BIG-IP Access Policy Manager)
13.0.0 (BIG-IP Local Traffic Manager)
13.0.0 (BIG-IP Policy Enforcement Manager)
13.0.0 (BIG-IP Application Acceleration Manager)
11.5.0 (BIG-IP Policy Enforcement Manager)
11.5.1 (BIG-IP Policy Enforcement Manager)
11.5.2 (BIG-IP Policy Enforcement Manager)
11.5.3 (BIG-IP Policy Enforcement Manager)
11.5.4 (BIG-IP Policy Enforcement Manager)
11.5.5 (BIG-IP Policy Enforcement Manager)
11.6.0 (BIG-IP Policy Enforcement Manager)
11.6.1 (BIG-IP Policy Enforcement Manager)
12.1.0 (BIG-IP Policy Enforcement Manager)
12.1.1 (BIG-IP Policy Enforcement Manager)
12.1.2 (BIG-IP Policy Enforcement Manager)
1.0.0 (BIG-IP WebSafe)
11.5.0 (BIG-IP Application Security Manager)
11.5.1 (BIG-IP Application Security Manager)
11.5.2 (BIG-IP Application Security Manager)
11.5.3 (BIG-IP Application Security Manager)
11.5.4 (BIG-IP Application Security Manager)
11.5.5 (BIG-IP Application Security Manager)
11.6.0 (BIG-IP Application Security Manager)
11.6.1 (BIG-IP Application Security Manager)
12.1.0 (BIG-IP Application Security Manager)
12.1.1 (BIG-IP Application Security Manager)
12.1.2 (BIG-IP Application Security Manager)
11.5.0 (BIG-IP Local Traffic Manager)
11.5.1 (BIG-IP Local Traffic Manager)
11.5.2 (BIG-IP Local Traffic Manager)
11.5.3 (BIG-IP Local Traffic Manager)
11.5.4 (BIG-IP Local Traffic Manager)
11.5.5 (BIG-IP Local Traffic Manager)
11.6.0 (BIG-IP Local Traffic Manager)
11.6.1 (BIG-IP Local Traffic Manager)
12.1.0 (BIG-IP Local Traffic Manager)
12.1.1 (BIG-IP Local Traffic Manager)
12.1.2 (BIG-IP Local Traffic Manager)
11.5.0 (BIG-IP Link Controller)
11.5.1 (BIG-IP Link Controller)
11.5.2 (BIG-IP Link Controller)
11.5.3 (BIG-IP Link Controller)
11.5.4 (BIG-IP Link Controller)
11.5.5 (BIG-IP Link Controller)
11.6.0 (BIG-IP Link Controller)
11.6.1 (BIG-IP Link Controller)
12.1.0 (BIG-IP Link Controller)
12.1.1 (BIG-IP Link Controller)
12.1.2 (BIG-IP Link Controller)
11.5.0 (BIG-IP Application Acceleration Manager)
11.5.1 (BIG-IP Application Acceleration Manager)
11.5.2 (BIG-IP Application Acceleration Manager)
11.5.3 (BIG-IP Application Acceleration Manager)
11.5.4 (BIG-IP Application Acceleration Manager)
11.5.5 (BIG-IP Application Acceleration Manager)
11.6.0 (BIG-IP Application Acceleration Manager)
11.6.1 (BIG-IP Application Acceleration Manager)
12.1.0 (BIG-IP Application Acceleration Manager)
12.1.1 (BIG-IP Application Acceleration Manager)
12.1.2 (BIG-IP Application Acceleration Manager)
11.5.0 (BIG-IP Advanced Firewall Manager)
11.5.1 (BIG-IP Advanced Firewall Manager)
11.5.2 (BIG-IP Advanced Firewall Manager)
11.5.3 (BIG-IP Advanced Firewall Manager)
11.5.4 (BIG-IP Advanced Firewall Manager)
11.5.5 (BIG-IP Advanced Firewall Manager)
11.6.0 (BIG-IP Advanced Firewall Manager)
11.6.1 (BIG-IP Advanced Firewall Manager)
12.1.0 (BIG-IP Advanced Firewall Manager)
12.1.1 (BIG-IP Advanced Firewall Manager)
12.1.2 (BIG-IP Advanced Firewall Manager)
11.5.0 (BIG-IP Access Policy Manager)
11.5.1 (BIG-IP Access Policy Manager)
11.5.2 (BIG-IP Access Policy Manager)
11.5.3 (BIG-IP Access Policy Manager)
11.5.4 (BIG-IP Access Policy Manager)
11.5.5 (BIG-IP Access Policy Manager)
11.6.0 (BIG-IP Access Policy Manager)
11.6.1 (BIG-IP Access Policy Manager)
12.1.0 (BIG-IP Access Policy Manager)
12.1.1 (BIG-IP Access Policy Manager)
12.1.2 (BIG-IP Access Policy Manager)

Software type

Software of a network hardware/software appliance

Operating systems and hardware platforms

-

Vulnerability severity level

Medium severity (CVSS 2.0 base score is 5)
High severity (CVSS 3.0 base score is 7.5)

Possible remediation measures

Follow the recommendations: https://support.f5.com/csp/article/K30201296

Vulnerability status

Confirmed by the vendor

Exploit availability

Information is being clarified

Remediation information

Vulnerability fixed

Identifiers in other vulnerability description systems

EPSS: 0.02438 (Low), percentile: 85%
CVSS3: 7.5 High
CVSS2: 5 Medium

Related vulnerabilities

CVSS3: 7.5
nvd
more than 8 years ago

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly cleaned up, potentially leading to resource starvation. Connections may be left in the connection table which then can only be removed by restarting TMM. Over time this may lead to the BIG-IP being unable to process further connections.

CVSS3: 7.5
github
more than 3 years ago

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly cleaned up, potentially leading to resource starvation. Connections may be left in the connection table which then can only be removed by restarting TMM. Over time this may lead to the BIG-IP being unable to process further connections.
