Denial of service in F5 BIG-IP



Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2016-9250
CWE-ID CWE-264
Exploitation vector Network
Public exploit N/A
Vulnerable software
BIG-IP AAM
Hardware solutions / Routers & switches, VoIP, GSM, etc

BIG-IP DNS
Hardware solutions / Routers & switches, VoIP, GSM, etc

BIG-IP Link Controller
Hardware solutions / Routers & switches, VoIP, GSM, etc

BIG-IP AFM
Hardware solutions / Security hardware applicances

BIG-IP Analytics
Hardware solutions / Security hardware applicances

BIG-IP APM
Hardware solutions / Security hardware applicances

BIG-IP ASM
Hardware solutions / Security hardware applicances

BIG-IP LTM
Hardware solutions / Security hardware applicances

BIG-IP PEM
Hardware solutions / Security hardware applicances

BIG-IP GTM
Hardware solutions / Security hardware applicances

BIG-IP WebSafe
Server applications / Server solutions for antivurus protection

Vendor F5 Networks

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Denial of service

EUVDB-ID: #VU6531

Risk: Low

CVSSv4.0: 6.8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2016-9250

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated user to delete files on the target system.

The weakness exists due to insufficient security controls imposed by the management control plane component of the affected software. A remote attacker can use undisclosed measures through the Web Configuration Utility, iControl REST, or iControl SOAP, delete arbitrary files through an undisclosed mechanism and cause the application to crash.

Successful exploitation of the vulnerability may result in denial of service.

Mitigation

Update to version 12.1.2 HF1 or 13.0.0.

Vulnerable software versions

BIG-IP AAM: 11.4.0 - 12.1.2

BIG-IP AFM: 11.6.1 - 12.1.2

BIG-IP Analytics: 12.0.0 - 12.1.2

BIG-IP APM: 11.6.1 - 12.1.2

BIG-IP ASM: 11.6.1 - 12.1.2

BIG-IP DNS: 12.0.0 - 12.1.2

BIG-IP Link Controller: 12.0.0 - 12.1.2

BIG-IP LTM: 11.2.1 - 12.1.2

BIG-IP PEM: 11.6.1 - 12.1.2

BIG-IP WebSafe: 12.0 - 12.1.2

BIG-IP GTM: 11.6.1 - 11.6.1 HF1

CPE2.3 External links

https://support.f5.com/csp/article/K55792317


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###