Configuration Modification - CVE-2016-5745
Published: September 30, 2016 / Updated: October 3, 2016
Vulnerability identifier: #VU693
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2016-5745
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor:
Affected software:
Detailed vulnerability description
The vulnerability allows a remote user to access and modify data on the target system.
The weakness exists due to access control error and leads to extraction of the BIG-IP system configuration files disclosure and modification.
Successful exploitation of the vulnerability allows a malicious user to obtain information on the target language that may result in further attacks.
The weakness exists due to access control error and leads to extraction of the BIG-IP system configuration files disclosure and modification.
Successful exploitation of the vulnerability allows a malicious user to obtain information on the target language that may result in further attacks.
How to mitigate CVE-2016-5745
To resolve the vulnerability user sholuld:
- Log in to the command line of the BIG-IP system.
- Type the following command to verify the NAT64 configuration setting:
tmsh list ltm virtual all nat64 | grep -B 1 enabled
In the following example, the configuration for a virtual server named example1 has NAT64 enabled:
ltm virtual example1 {
nat64 enabled
}