Denial of service in F5 Networks products
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2017-6147 |
| CWE-ID | CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
BIG-IP Analytics Hardware solutions / Security hardware applicances BIG-IP PEM Hardware solutions / Security hardware applicances BIG-IP ASM Hardware solutions / Security hardware applicances BIG-IP APM Hardware solutions / Security hardware applicances BIG-IP AFM Hardware solutions / Security hardware applicances BIG-IP LTM Hardware solutions / Security hardware applicances BIG-IP WebSafe Server applications / Server solutions for antivurus protection BIG-IP Link Controller Hardware solutions / Routers & switches, VoIP, GSM, etc BIG-IP DNS Hardware solutions / Routers & switches, VoIP, GSM, etc BIG-IP AAM Hardware solutions / Routers & switches, VoIP, GSM, etc |
| Vendor | F5 Networks |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Denial of service
EUVDB-ID: #VU8492
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-6147
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in the SSL Forward Proxy feature of multiple F5 Networks BIG-IP products due to improper processing of undisclosed requests. A remote attacker can send series of undisclosed requests, trigger the "SSL Forward Proxy" setup to connect to untrusted servers and cause the Traffic Management Microkernel (TMM) component to restart.
Successful exploitation of the vulnerability results in denial of service.
Note: This vulnerability affects only devices running a BIG-IP virtual server
that has the SSL Forward Proxy option enabled in the assigned client
and server SSL profiles.
The vulnerability is addressed in the following versions:
12.0.0 - 12.1.2 for BIG-IP LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP DNS, BIG-IP Link Controller, BIG-IP PEM, BIG-IP WebSafe.
11.4.0 - 11.6.1 for BIG-IP LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM.
11.2.1 for BIG-IP LTM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP Edge Gateway, BIG-IP GTM, BIG-IP Link Controller.
BIG-IP Analytics: 12.1.2 HF1 - 13.0.0
BIG-IP WebSafe: 12.1.2 HF1 - 13.0.0
BIG-IP PEM: 12.1.2 HF1 - 13.0.0
BIG-IP Link Controller: 12.1.2 HF1 - 13.0.0
BIG-IP DNS: 12.1.2 HF1 - 13.0.0
BIG-IP ASM: 12.1.2 HF1 - 13.0.0
BIG-IP APM: 12.1.2 HF1 - 13.0.0
BIG-IP AFM: 12.1.2 HF1 - 13.0.0
BIG-IP AAM: 12.1.2 HF1 - 13.0.0
BIG-IP LTM: 12.1.2 HF1 - 13.0.0
External linkshttp://support.f5.com/csp/article/K43945001
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
