CVE-2016-5022
9.8
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD
Description
F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic.
Affected (143)
Products: F5: Big Ip Link Controller, Big Ip Policy Enforcement Manager, Big Ip Access Policy Manager, Big Ip Global Traffic Manager, Big Iq Cloud, Big Ip Webaccelerator, Big Iq Application Delivery Controller, Big Ip Application Security Manager, Big Ip Local Traffic Manager, Big Ip Wan Optimization Manager, Big Iq Device, Big Ip Advanced Firewall Manager, Big Ip Domain Name System, Big Iq Centralized Management, Big Iq Cloud And Orchestration, F5 Iworkflow, Big Ip Application Acceleration Manager, Big Ip Edge Gateway, Enterprise Manager, Big Ip Protocol Security Module, Big Ip Analytics, Big Iq Security
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.0 |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.4.0 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.0 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.0 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.0.0 |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.0 |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.5.0 |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.0 |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.0 |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.0 |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.2.0 |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.4.0 |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Version 12.0.0 |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.6.0 |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.0.0 |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.0.0 |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.4.0 |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.0 |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Version 3.1.1 |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.0 |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11.2.0 |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.0.0 |
References (6)
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.