CVE-2015-8099
5.9
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 2.2 / Impact: 3.6
Source: NVD
Description
F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment.
Affected (109)
Products: F5: Big Ip Access Policy Manager, Big Ip Wan Optimization Manager, Big Ip Application Security Manager, Big Ip Link Controller, Big Ip Analytics, Big Ip Advanced Firewall Manager, Big Ip Protocol Security Module, Big Iq Security, Big Iq Application Delivery Controller, Big Ip Global Traffic Manager, Big Ip Local Traffic Manager, Big Iq Cloud And Orchestration, Big Iq Cloud, Big Iq Centralized Management, Big Iq Device, Big Ip Policy Enforcement Manager, Big Ip Domain Name System, Big Ip Application Acceleration Manager, Big Ip Enterprise Manager, Big Ip Edge Gateway, Big Ip Webaccelerator
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.3.0 |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.3.0 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.3.0 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.3.0 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.3.0 |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.3.0 |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.3.0 |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.0.0 |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.5.0 |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.3.0 |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Version 10.2.0 |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.0.0 |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.0.0 |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.6.0 |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.2.0 |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.3.0 |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Version 12.0.0 |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.4.0 |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Version 3.0.0 |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.3.0 |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.3.0 |
References (6)
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.