In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly cleaned up, potentially leading to resource starvation. Connections may be left in the connection table which then can only be removed by restarting TMM. Over time this may lead to the BIG-IP being unable to process further connections.
No CVSS v3.1
Attack Vector Network
Attack Complexity Low
Privileges Required None
Scope Unchanged
Confidentiality Impact None
Integrity Impact None
Availability Impact High
User Interaction None
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
AV:N/AC:L/Au:N/C:N/I:N/A:P
Vendors | Products |
---|---|
F5 |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
Configuration 3 [-]
|
Configuration 4 [-]
|
Configuration 5 [-]
|
Configuration 6 [-]
|
Configuration 7 [-]
|
Configuration 8 [-]
|
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/101612 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1039674 | Third Party Advisory VDB Entry |
https://support.f5.com/csp/article/K30201296 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: f5
Published: 2017-10-26T00:00:00
Updated: 2017-11-01T09:57:01
Reserved: 2016-11-09T00:00:00
Link: CVE-2017-0303
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-10-27T14:29:00.233
Modified: 2019-10-03T00:03:26.223
Link: CVE-2017-0303
JSON object: View
Redhat Information
No data.
CWE