CVE-2017-6158 | ByteOS Network

Vulnerability Details :

CVE-2017-6158

Assigner-f5

Assigner Org ID-9dacffd4-cb11-413f-8451-fbbfd4ddc0ab

Published At-13 Apr, 2018 | 13:00

Updated At-17 Sep, 2024 | 03:38

In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM related to handling of invalid IP addresses.

EPSS History

Score

Latest Score

-

N/A

Percentile

Latest Percentile

-

N/A

▼Common Vulnerabilities and Exposures (CVE)

Assigner:f5

Assigner Org ID:9dacffd4-cb11-413f-8451-fbbfd4ddc0ab

Published At:13 Apr, 2018 | 13:00

Updated At:17 Sep, 2024 | 03:38

▼CVE Numbering Authority (CNA)

In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM related to handling of invalid IP addresses.

Affected Products

Vendor

Product

BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe)

Versions

Affected

12.0.0-12.1.2
11.6.0-11.6.1
11.5.1-11.5.5
11.2.1

Problem Types

Type	CWE ID	Description
text	N/A	DoS

Type: text

CWE ID: N/A

Description: DoS

References

Hyperlink	Resource
https://support.f5.com/csp/article/K19361245	x_refsource_CONFIRM

Hyperlink: https://support.f5.com/csp/article/K19361245

Resource:

x_refsource_CONFIRM

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://support.f5.com/csp/article/K19361245	x_refsource_CONFIRM x_transferred

Hyperlink: https://support.f5.com/csp/article/K19361245

Resource:

x_refsource_CONFIRM

x_transferred

▼National Vulnerability Database (NVD)

Source:f5sirt@f5.com

Published At:13 Apr, 2018 | 13:29

Updated At:03 Oct, 2019 | 00:03

In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM related to handling of invalid IP addresses.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.0	6.5	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Primary	2.0	6.4	MEDIUM	AV:N/AC:L/Au:N/C:N/I:P/A:P

Type: Primary

Version: 3.0

Base score: 6.5

Base severity: MEDIUM

Vector:

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Type: Primary

Version: 2.0

Base score: 6.4

Base severity: MEDIUM

Vector:

AV:N/AC:L/Au:N/C:N/I:P/A:P

CPE Matches

>>big-ip_local_traffic_manager>>Versions from 11.5.1(inclusive) to 11.5.5(inclusive)

cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_local_traffic_manager>>Versions from 11.6.0(inclusive) to 11.6.1(inclusive)

cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_local_traffic_manager>>Versions from 12.0.0(inclusive) to 12.1.2(inclusive)

cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_local_traffic_manager>>11.2.1

cpe:2.3:a:f5:big-ip_local_traffic_manager:11.2.1:*:*:*:*:*:*:*

>>big-ip_application_acceleration_manager>>Versions from 11.5.1(inclusive) to 11.5.5(inclusive)

cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*

>>big-ip_application_acceleration_manager>>Versions from 11.6.0(inclusive) to 11.6.1(inclusive)

cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*

>>big-ip_application_acceleration_manager>>Versions from 12.0.0(inclusive) to 12.1.2(inclusive)

cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*

>>big-ip_application_acceleration_manager>>11.2.1

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.2.1:*:*:*:*:*:*:*

>>big-ip_advanced_firewall_manager>>Versions from 11.5.1(inclusive) to 11.5.5(inclusive)

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*

>>big-ip_advanced_firewall_manager>>Versions from 11.6.0(inclusive) to 11.6.1(inclusive)

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*

>>big-ip_advanced_firewall_manager>>Versions from 12.0.0(inclusive) to 12.1.2(inclusive)

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*

>>big-ip_advanced_firewall_manager>>11.2.1

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.2.1:*:*:*:*:*:*:*

>>big-ip_analytics>>Versions from 11.5.1(inclusive) to 11.5.5(inclusive)

cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*

>>big-ip_analytics>>Versions from 11.6.0(inclusive) to 11.6.1(inclusive)

cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*

>>big-ip_analytics>>Versions from 12.0.0(inclusive) to 12.1.2(inclusive)

cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*

>>big-ip_analytics>>11.2.1

cpe:2.3:a:f5:big-ip_analytics:11.2.1:*:*:*:*:*:*:*

>>big-ip_access_policy_manager>>Versions from 11.5.1(inclusive) to 11.5.5(inclusive)

cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*

>>big-ip_access_policy_manager>>Versions from 11.6.0(inclusive) to 11.6.1(inclusive)

cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*

>>big-ip_access_policy_manager>>Versions from 12.0.0(inclusive) to 12.1.2(inclusive)

cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*

>>big-ip_access_policy_manager>>11.2.1

cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:*

>>big-ip_application_security_manager>>Versions from 11.5.1(inclusive) to 11.5.5(inclusive)

cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*

>>big-ip_application_security_manager>>Versions from 11.6.0(inclusive) to 11.6.1(inclusive)

cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*

>>big-ip_application_security_manager>>Versions from 12.0.0(inclusive) to 12.1.2(inclusive)

cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*

>>big-ip_application_security_manager>>11.2.1

cpe:2.3:a:f5:big-ip_application_security_manager:11.2.1:*:*:*:*:*:*:*

>>big-ip_edge_gateway>>Versions from 11.5.1(inclusive) to 11.5.5(inclusive)

cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*

>>big-ip_edge_gateway>>Versions from 11.6.0(inclusive) to 11.6.1(inclusive)

cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*

>>big-ip_edge_gateway>>Versions from 12.0.0(inclusive) to 12.1.2(inclusive)

cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*

>>big-ip_edge_gateway>>11.2.1

cpe:2.3:a:f5:big-ip_edge_gateway:11.2.1:*:*:*:*:*:*:*

>>big-ip_global_traffic_manager>>Versions from 11.5.1(inclusive) to 11.5.5(inclusive)

cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_global_traffic_manager>>Versions from 11.6.0(inclusive) to 11.6.1(inclusive)

cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_global_traffic_manager>>Versions from 12.0.0(inclusive) to 12.1.2(inclusive)

cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*

>>big-ip_global_traffic_manager>>11.2.1

cpe:2.3:a:f5:big-ip_global_traffic_manager:11.2.1:*:*:*:*:*:*:*

>>big-ip_link_controller>>Versions from 11.5.1(inclusive) to 11.5.5(inclusive)

cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*

>>big-ip_link_controller>>Versions from 11.6.0(inclusive) to 11.6.1(inclusive)

cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*

>>big-ip_link_controller>>Versions from 12.0.0(inclusive) to 12.1.2(inclusive)

cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*

>>big-ip_link_controller>>11.2.1

cpe:2.3:a:f5:big-ip_link_controller:11.2.1:*:*:*:*:*:*:*

>>big-ip_policy_enforcement_manager>>Versions from 11.5.1(inclusive) to 11.5.5(inclusive)

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*

>>big-ip_policy_enforcement_manager>>Versions from 11.6.0(inclusive) to 11.6.1(inclusive)

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*

>>big-ip_policy_enforcement_manager>>Versions from 12.0.0(inclusive) to 12.1.2(inclusive)

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*

>>big-ip_policy_enforcement_manager>>11.2.1

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.2.1:*:*:*:*:*:*:*

>>big-ip_webaccelerator>>Versions from 11.5.1(inclusive) to 11.5.5(inclusive)

cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*

>>big-ip_webaccelerator>>Versions from 11.6.0(inclusive) to 11.6.1(inclusive)

cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*

>>big-ip_webaccelerator>>Versions from 12.0.0(inclusive) to 12.1.2(inclusive)

cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*

>>big-ip_webaccelerator>>11.2.1

cpe:2.3:a:f5:big-ip_webaccelerator:11.2.1:*:*:*:*:*:*:*

>>big-ip_websafe>>Versions from 11.5.1(inclusive) to 11.5.5(inclusive)

cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*

>>big-ip_websafe>>Versions from 11.6.0(inclusive) to 11.6.1(inclusive)

cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*

>>big-ip_websafe>>Versions from 12.0.0(inclusive) to 12.1.2(inclusive)

cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*

>>big-ip_websafe>>11.2.1

cpe:2.3:a:f5:big-ip_websafe:11.2.1:*:*:*:*:*:*:*

>>big-ip_domain_name_system>>Versions from 11.5.1(inclusive) to 11.5.5(inclusive)

cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*

>>big-ip_domain_name_system>>Versions from 11.6.0(inclusive) to 11.6.1(inclusive)

cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-noinfo	Primary	nvd@nist.gov

CWE ID: NVD-CWE-noinfo

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
https://support.f5.com/csp/article/K19361245	f5sirt@f5.com	Vendor Advisory

Hyperlink: https://support.f5.com/csp/article/K19361245

Source: f5sirt@f5.com

Resource:

Vendor Advisory

Similar CVEs

3Records found

Matching Score-8

Assigner-Snyk

Matching Score-8

Assigner-Snyk

CVSS Score-9.1||CRITICAL

EPSS-3.41% / 86.96%

||

7 Day CHG~0.00%

Published-25 Jul, 2019 | 23:43

Updated-04 Aug, 2024 | 22:32

Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.

Vendor-lodash Snyk F5, Inc.Red Hat, Inc.NetApp, Inc.Oracle Corporation

CWE ID-CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Matching Score-8

Assigner-Red Hat, Inc.

Matching Score-8

Assigner-Red Hat, Inc.

CVSS Score-9.1||CRITICAL

EPSS-2.30% / 84.09%

||

7 Day CHG~0.00%

Published-24 May, 2012 | 23:00

Updated-11 Apr, 2025 | 00:51

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

Vendor-n/a F5, Inc.Red Hat, Inc.Linux Kernel Organization, Inc

Product-big-ip_protocol_security_module enterprise_linux big-ip_analytics arx big-ip_application_security_manager big-ip_global_traffic_manager big-ip_webaccelerator firepass big-ip_local_traffic_manager big-ip_link_controller enterprise_manager big-ip_wan_optimization_manager linux_kernel big-ip_access_policy_manager big-ip_edge_gateway n/a

Matching Score-8

Assigner-F5, Inc.

Matching Score-8

Assigner-F5, Inc.

CVSS Score-9.1||CRITICAL

EPSS-0.33% / 54.96%

||

7 Day CHG~0.00%

Published-26 Feb, 2019 | 15:00

Updated-16 Sep, 2024 | 21:57

On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file when validating SSL certificates in client SSL or server SSL profiles.

Vendor-F5, Inc.

Product-big-ip_edge_gateway big-ip_webaccelerator big-ip_link_controller big-ip_policy_enforcement_manager big-ip_fraud_protection_service big-ip_global_traffic_manager big-ip_local_traffic_manager big-ip_access_policy_manager big-ip_analytics big-ip_domain_name_system big-ip_advanced_firewall_manager big-ip_application_security_manager BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)

CWE ID-CWE-295

Improper Certificate Validation