CVE-2017-6140

Опубликовано: 21 дек. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

On the BIG-IP 2000s, 2200s, 4000s, 4200v, i5600, i5800, i7600, i7800, i10600,i10800, and VIPRION 4450 blades, running version 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1 or 12.1.2 of BIG-IP LTM, AAM, AFM, Analytics, ASM, DNS, GTM or PEM, an undisclosed sequence of packets sent to Virtual Servers with client or server SSL profiles may cause disruption of data plane services.

Ссылки

http://www.securitytracker.com/id/1040042
Third Party Advisory
VDB Entry
https://support.f5.com/csp/article/K55102452
Issue Tracking
Vendor Advisory
http://www.securitytracker.com/id/1040042
Third Party Advisory
VDB Entry
https://support.f5.com/csp/article/K55102452
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*

Одно из

cpe:2.3:h:f5:big-ip_2000s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_2200s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_4000s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_4200v:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i10600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i10800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i5600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i5800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i7600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i7800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:viprion_4450_blades:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

Одно из

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:*:*:*:*:*:*:*

Одно из

cpe:2.3:h:f5:big-ip_2000s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_2200s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_4000s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_4200v:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i10600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i10800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i5600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i5800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i7600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i7800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:viprion_4450_blades:-:*:*:*:*:*:*:*

Конфигурация 3

Одновременно

Одно из

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.2:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.3:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.5.4:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:*:*:*:*:*:*:*

Одно из

cpe:2.3:h:f5:big-ip_2000s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_2200s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_4000s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_4200v:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i10600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i10800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i5600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i5800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i7600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i7800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:viprion_4450_blades:-:*:*:*:*:*:*:*

Конфигурация 4

Одновременно

Одно из

cpe:2.3:a:f5:big-ip_analytics:11.5.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_analytics:11.5.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_analytics:11.5.2:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_analytics:11.5.3:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_analytics:11.5.4:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_analytics:12.1.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_analytics:12.1.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_analytics:12.1.2:*:*:*:*:*:*:*

Одно из

cpe:2.3:h:f5:big-ip_2000s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_2200s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_4000s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_4200v:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i10600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i10800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i5600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i5800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i7600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i7800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:viprion_4450_blades:-:*:*:*:*:*:*:*

Конфигурация 5

Одновременно

Одно из

cpe:2.3:a:f5:big-ip_application_security_manager:11.5.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_security_manager:11.5.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_security_manager:11.5.2:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_security_manager:11.5.3:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_security_manager:11.5.4:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:*

Одно из

cpe:2.3:h:f5:big-ip_2000s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_2200s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_4000s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_4200v:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i10600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i10800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i5600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i5800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i7600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i7800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:viprion_4450_blades:-:*:*:*:*:*:*:*

Конфигурация 6

Одновременно

Одно из

cpe:2.3:a:f5:big-ip_dns:11.5.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_dns:11.5.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_dns:11.5.2:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_dns:11.5.3:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_dns:11.5.4:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_dns:11.6.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_dns:11.6.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_dns:12.0.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_dns:12.1.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_dns:12.1.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_dns:12.1.2:*:*:*:*:*:*:*

Одно из

cpe:2.3:h:f5:big-ip_2000s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_2200s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_4000s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_4200v:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i10600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i10800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i5600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i5800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i7600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i7800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:viprion_4450_blades:-:*:*:*:*:*:*:*

Конфигурация 7

Одновременно

Одно из

cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.2:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.3:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_global_traffic_manager:11.5.4:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_global_traffic_manager:12.0.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.2:*:*:*:*:*:*:*

Одно из

cpe:2.3:h:f5:big-ip_2000s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_2200s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_4000s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_4200v:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i10600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i10800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i5600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i5800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i7600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i7800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:viprion_4450_blades:-:*:*:*:*:*:*:*

Конфигурация 8

Одновременно

Одно из

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:*

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:*:*:*:*:*:*:*

Одно из

cpe:2.3:h:f5:big-ip_2000s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_2200s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_4000s:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_4200v:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i10600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i10800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i5600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i5800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i7600:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:big-ip_i7800:-:*:*:*:*:*:*:*

cpe:2.3:h:f5:viprion_4450_blades:-:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00628

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-cv5w-vcr3-hm3r

CVSS3: 7.5

github

больше 3 лет назад

EPSS

Процентиль: 70%

0.00628

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20