CVE-2017-6162

moderate-risk

Published 2017-10-27

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, 11.2.1, in some cases TMM may crash when processing TCP traffic. This vulnerability affects TMM via a virtual server configured with TCP profile. Traffic processing is disrupted while Traffic Management Microkernel (TMM) restarts. If the affected BIG-IP system is configured to be part of a device group, it will trigger a failover to the peer device.

Do I need to act?

1.5% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.9/10 Medium

NETWORK / HIGH complexity

Affected Products (20)

Big-Ip Local Traffic Manager

Big-Ip Application Acceleration Manager

Big-Ip Advanced Firewall Manager

Big-Ip Access Policy Manager

Big-Ip Application Security Manager

Big-Ip Link Controller

Affected Vendors

References (6)

Third Party Advisory http://www.securityfocus.com/bid/101635

Third Party Advisory http://www.securitytracker.com/id/1039673

Vendor Advisory https://support.f5.com/csp/article/K13421245

Third Party Advisory http://www.securityfocus.com/bid/101635

Third Party Advisory http://www.securitytracker.com/id/1039673

Vendor Advisory https://support.f5.com/csp/article/K13421245

/ 100

moderate-risk

Severity 18/34 · Moderate

Exploitability 4/34 · Minimal

Exposure 26/34 · High