CVE-2016-1497

MEDIUM

F5 BIG-IP <11.2.1 HF16, 11.3.x, 11.4.x <11.4.1 HF10, 11.5.x <11.5.4...

Title source: llm

Description

The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors.

References (3)

Core 3

Core References

Vendor Advisory x_refsource_confirm

https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/92671

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1036631

Scores

CVSS v3 4.9

EPSS 0.0023

EPSS Percentile 46.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-200

Status published

Products (50)

f5/big-ip_access_policy_manager 11.0.0

f5/big-ip_access_policy_manager 11.1.0

f5/big-ip_access_policy_manager 11.2.0

f5/big-ip_access_policy_manager 11.2.1

f5/big-ip_access_policy_manager 11.3.0

f5/big-ip_access_policy_manager 11.4.0

f5/big-ip_access_policy_manager 11.4.1

f5/big-ip_access_policy_manager 11.5.0

f5/big-ip_access_policy_manager 11.5.1

f5/big-ip_access_policy_manager 11.5.2

... and 40 more

Published Aug 26, 2016

Tracked Since Feb 18, 2026