CVE-2017-6151 - OpenCVE

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, undisclosed requests made to BIG-IP virtual servers which make use of the "HTTP/2 profile" may result in a disruption of service to TMM.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:N/A:C

Vendors & Products
CPE Configurations

Vendors	Products
F5	Big-ip Policy Enforcement Manager Big-ip Edge Gateway Big-ip Analytics Big-ip Access Policy Manager Big-ip Link Controller Big-ip Webaccelerator Big-ip Dns Big-ip Application Acceleration Manager Big-ip Global Traffic Manager Big-ip Advanced Firewall Manager Big-ip Local Traffic Manager Big-ip Websafe Big-ip Application Security Manager

Configuration 1 [-]

cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0:*:*:*:*:*:*:*

Configuration 4 [-]

cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*

Configuration 5 [-]

cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0:*:*:*:*:*:*:*

Configuration 6 [-]

cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0:*:*:*:*:*:*:*

Configuration 7 [-]

cpe:2.3:a:f5:big-ip_dns:13.0.0:*:*:*:*:*:*:*

Configuration 8 [-]

cpe:2.3:a:f5:big-ip_global_traffic_manager:13.0.0:*:*:*:*:*:*:*

Configuration 9 [-]

cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*

Configuration 10 [-]

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0:*:*:*:*:*:*:*

Configuration 11 [-]

cpe:2.3:a:f5:big-ip_websafe:13.0.0:*:*:*:*:*:*:*

Configuration 12 [-]

cpe:2.3:a:f5:big-ip_edge_gateway:13.0.0:*:*:*:*:*:*:*

Configuration 13 [-]

cpe:2.3:a:f5:big-ip_webaccelerator:13.0.0:*:*:*:*:*:*:*

References

Link	Resource
http://www.securitytracker.com/id/1040052	Third Party Advisory VDB Entry
https://support.f5.com/csp/article/K07369970	Issue Tracking Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: f5

Published: 2017-12-20T00:00:00

Updated: 2017-12-23T10:57:01

Reserved: 2017-02-21T00:00:00

Link: CVE-2017-6151

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-12-21T17:29:00.637

Modified: 2019-10-03T00:03:26.223

Link: CVE-2017-6151

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo