CVE-2017-6140 Information

Description

On the BIG-IP 2000s 2200s 4000s 4200v i5600 i5800 i7600 i7800 i10600i10800 and VIPRION 4450 blades running version 11.5.0 11.5.1 11.5.2 11.5.3 11.5.4 11.6.0 11.6.1 12.0.0 12.1.0 12.1.1 or 12.1.2 of BIG-IP LTM AAM AFM Analytics ASM DNS GTM or PEM an undisclosed sequence of packets sent to Virtual Servers with client or server SSL profiles may cause disruption of data plane services.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

http://www.securitytracker.com/id/1040042 https://support.f5.com/csp/article/K55102452

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.5