Exploit for #VU9370 Information disclosure in F5 Networks Server applications

Exploit for #VU9370 Information disclosure in F5 Networks Server applications

Published: 2020-03-18

Vulnerability identifier: #VU9370

Vulnerability risk: Low

CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C]

CVE-ID: CVE-2017-6168

CWE-ID: CWE-200

Exploitation vector: Network

Exploits in database: 1

March 18, 2020
- Scanner for Bleichenbacher Oracle in RSA PKCS #1 v1.5 [Metasploit]

Impact: Information disclosure

Vulnerable software:
BIG-IP LTM
Hardware solutions / Security hardware applicances
BIG-IP Analytics
Hardware solutions / Security hardware applicances
BIG-IP APM
Hardware solutions / Security hardware applicances
BIG-IP ASM
Hardware solutions / Security hardware applicances
BIG-IP GTM
Hardware solutions / Security hardware applicances
BIG-IP PEM
Hardware solutions / Security hardware applicances
BIG-IP AAM
Hardware solutions / Routers & switches, VoIP, GSM, etc
BIG-IP DNS
Hardware solutions / Routers & switches, VoIP, GSM, etc
BIG-IP Link Controller
Hardware solutions / Routers & switches, VoIP, GSM, etc
BIG-IP WebSafe
Server applications / Server solutions for antivurus protection

Vendor: F5 Networks