CVE-2017-6141

Published: Oct 20, 2017Modified: May 13, 2026

5.9

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.2 / Impact: 3.6

Source: NVD

Description

In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, and WebSafe 12.1.0 through 12.1.2, certain values in a TLS abbreviated handshake when using a client SSL profile with the Session Ticket option enabled may cause disruption of service to the Traffic Management Microkernel (TMM). The Session Ticket option is disabled by default.

Affected (24)

Products: F5: Big Ip Access Policy Manager, Big Ip Advanced Firewall Manager, Big Ip Application Acceleration Manager, Big Ip Application Security Manager, Big Ip Link Controller, Big Ip Local Traffic Manager, Big Ip Policy Enforcement Manager, Big Ip Websafe

8 products

Big Ip Access Policy Manager

Big Ip Advanced Firewall Manager

Big Ip Application Acceleration Manager

Big Ip Application Security Manager

Big Ip Link Controller

Big Ip Local Traffic Manager

Big Ip Policy Enforcement Manager

Big Ip Websafe

Configuration A

24 vulnerable

Vulnerable Software	Affected Versions
F5 Big Ip Access Policy Manager	Version 12.1.0
F5 Big Ip Access Policy Manager	Version 12.1.1
F5 Big Ip Access Policy Manager	Version 12.1.2
F5 Big Ip Advanced Firewall Manager	Version 12.1.0
F5 Big Ip Advanced Firewall Manager	Version 12.1.1
F5 Big Ip Advanced Firewall Manager	Version 12.1.2
F5 Big Ip Application Acceleration Manager	Version 12.1.0
F5 Big Ip Application Acceleration Manager	Version 12.1.1
F5 Big Ip Application Acceleration Manager	Version 12.1.2
F5 Big Ip Application Security Manager	Version 12.1.0
F5 Big Ip Application Security Manager	Version 12.1.1
F5 Big Ip Application Security Manager	Version 12.1.2
F5 Big Ip Link Controller	Version 12.1.0
F5 Big Ip Link Controller	Version 12.1.1
F5 Big Ip Link Controller	Version 12.1.2
F5 Big Ip Local Traffic Manager	Version 12.1.0
F5 Big Ip Local Traffic Manager	Version 12.1.1
F5 Big Ip Local Traffic Manager	Version 12.1.2
F5 Big Ip Policy Enforcement Manager	Version 12.1.0
F5 Big Ip Policy Enforcement Manager	Version 12.1.1
F5 Big Ip Policy Enforcement Manager	Version 12.1.2
F5 Big Ip Websafe	Version 12.1.0
F5 Big Ip Websafe	Version 12.1.1
F5 Big Ip Websafe	Version 12.1.2

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

https://support.f5.com/csp/article/K21154730

Source: f5sirt@f5.com

Vendor Advisory

https://support.f5.com/csp/article/K21154730

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.