← Back

CVE-2016-5700

nvd nist
Published: Oct 3, 2016Modified: May 6, 2026

JSON object

Loading...
9.8
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2, when configured with the HTTP Explicit Proxy functionality or SOCKS profile, allow remote attackers to modify the system configuration, read system files, and possibly execute arbitrary code via unspecified vectors.

Affected (67)

F5
8 products
Big Ip Policy Enforcement Manager
Big Ip Local Traffic Manager
Big Ip Websafe
Big Ip Link Controller
Big Ip Application Acceleration Manager
Big Ip Access Policy Manager
Big Ip Advanced Firewall Manager
Big Ip Application Security Manager
Configuration A
9 vulnerable
Vulnerable SoftwareAffected Versions
F5
Big Ip Policy Enforcement Manager
Version 11.5.0
Big Ip Policy Enforcement Manager
Version 11.5.1
Big Ip Policy Enforcement Manager
Version 11.5.2
Big Ip Policy Enforcement Manager
Version 11.5.3
Big Ip Policy Enforcement Manager
Version 11.5.4
Big Ip Policy Enforcement Manager
Version 11.6.0
Big Ip Policy Enforcement Manager
Version 11.6.1
Big Ip Policy Enforcement Manager
Version 12.0.0
Big Ip Policy Enforcement Manager
Version 12.1.0
Configuration B
9 vulnerable
Vulnerable SoftwareAffected Versions
F5
Big Ip Local Traffic Manager
Version 11.5.0
Big Ip Local Traffic Manager
Version 11.5.1
Big Ip Local Traffic Manager
Version 11.5.2
Big Ip Local Traffic Manager
Version 11.5.3
Big Ip Local Traffic Manager
Version 11.5.4
Big Ip Local Traffic Manager
Version 11.6.0
Big Ip Local Traffic Manager
Version 11.6.1
Big Ip Local Traffic Manager
Version 12.0.0
Big Ip Local Traffic Manager
Version 12.1.0
Configuration C
4 vulnerable
Vulnerable SoftwareAffected Versions
F5
Big Ip Websafe
Version 11.6.0
Big Ip Websafe
Version 11.6.1
Big Ip Websafe
Version 12.0.0
Big Ip Websafe
Version 12.1.0
Configuration D
9 vulnerable
Vulnerable SoftwareAffected Versions
F5
Big Ip Link Controller
Version 11.5.0
Big Ip Link Controller
Version 11.5.1
Big Ip Link Controller
Version 11.5.2
Big Ip Link Controller
Version 11.5.3
Big Ip Link Controller
Version 11.5.4
Big Ip Link Controller
Version 11.6.0
Big Ip Link Controller
Version 11.6.1
Big Ip Link Controller
Version 12.0.0
Big Ip Link Controller
Version 12.1.0
Configuration E
9 vulnerable
Vulnerable SoftwareAffected Versions
F5
Big Ip Application Acceleration Manager
Version 11.5.0
Big Ip Application Acceleration Manager
Version 11.5.1
Big Ip Application Acceleration Manager
Version 11.5.2
Big Ip Application Acceleration Manager
Version 11.5.3
Big Ip Application Acceleration Manager
Version 11.5.4
Big Ip Application Acceleration Manager
Version 11.6.0
Big Ip Application Acceleration Manager
Version 11.6.1
Big Ip Application Acceleration Manager
Version 12.0.0
Big Ip Application Acceleration Manager
Version 12.1.0
Configuration F
9 vulnerable
Vulnerable SoftwareAffected Versions
F5
Big Ip Access Policy Manager
Version 11.5.0
Big Ip Access Policy Manager
Version 11.5.1
Big Ip Access Policy Manager
Version 11.5.2
Big Ip Access Policy Manager
Version 11.5.3
Big Ip Access Policy Manager
Version 11.5.4
Big Ip Access Policy Manager
Version 11.6.0
Big Ip Access Policy Manager
Version 11.6.1
Big Ip Access Policy Manager
Version 12.0.0
Big Ip Access Policy Manager
Version 12.1.0
Configuration G
9 vulnerable
Vulnerable SoftwareAffected Versions
F5
Big Ip Advanced Firewall Manager
Version 11.5.0
Big Ip Advanced Firewall Manager
Version 11.5.1
Big Ip Advanced Firewall Manager
Version 11.5.2
Big Ip Advanced Firewall Manager
Version 11.5.3
Big Ip Advanced Firewall Manager
Version 11.5.4
Big Ip Advanced Firewall Manager
Version 11.6.0
Big Ip Advanced Firewall Manager
Version 11.6.1
Big Ip Advanced Firewall Manager
Version 12.0.0
Big Ip Advanced Firewall Manager
Version 12.1.0
Configuration H
9 vulnerable
Vulnerable SoftwareAffected Versions
F5
Big Ip Application Security Manager
Version 11.5.0
Big Ip Application Security Manager
Version 11.5.1
Big Ip Application Security Manager
Version 11.5.2
Big Ip Application Security Manager
Version 11.5.3
Big Ip Application Security Manager
Version 11.5.4
Big Ip Application Security Manager
Version 11.6.0
Big Ip Application Security Manager
Version 11.6.1
Big Ip Application Security Manager
Version 12.0.0
Big Ip Application Security Manager
Version 12.1.0

Related CWEs

CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (6)

Source: cve@mitre.org
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.