CVE-2017-6132
high-risk
Published 2017-12-21
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 and 11.5.0 - 11.5.4, an undisclosed sequence of packets sent to BIG-IP High Availability state mirror listeners (primary and/or secondary IP) may cause TMM to restart.
Do I need to act?
~
2.2% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10
High
NETWORK
/ LOW complexity
Affected Products (20)
Affected Vendors
References (6)
Third Party Advisory
http://www.securityfocus.com/bid/102333
Third Party Advisory
http://www.securitytracker.com/id/1040049
Issue Tracking
https://support.f5.com/csp/article/K12044607
Third Party Advisory
http://www.securityfocus.com/bid/102333
Third Party Advisory
http://www.securitytracker.com/id/1040049
Issue Tracking
https://support.f5.com/csp/article/K12044607
59
/ 100
high-risk
Severity
26/34 · High
Exploitability
5/34 · Minimal
Exposure
28/34 · Critical