CVE-2017-6162 Information

Description

In F5 BIG-IP LTM AAM AFM Analytics APM ASM DNS Edge Gateway GTM Link Controller PEM Websafe software version 12.0.0 to 12.1.2 11.6.0 to 11.6.1 11.4.0 to 11.5.4 11.2.1 in some cases TMM may crash when processing TCP traffic. This vulnerability affects TMM via a virtual server configured with TCP profile. Traffic processing is disrupted while Traffic Management Microkernel (TMM) restarts. If the affected BIG-IP system is configured to be part of a device group it will trigger a failover to the peer device.

CVSS Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

http://www.securityfocus.com/bid/101635 http://www.securitytracker.com/id/1039673 https://support.f5.com/csp/article/K13421245

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

5.9