CVE-2017-6137

MEDIUM

F5 BIG-IP 11.6.1 HF1, 12.0.0 HF3/HF4, 12.1.0-12.1.2 DoS via Traffic Pattern Disruption

Title source: llm

Description

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN cookie protection is engaged may cause a disruption of service to the Traffic Management Microkernel (TMM) on specific platforms and configurations.

References (2)

Core 2

Core References

Vendor Advisory x_refsource_confirm

https://support.f5.com/csp/article/K82851041

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1038409

Scores

CVSS v3 5.9

EPSS 0.0070

EPSS Percentile 72.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Status published

Products (50)

f5/big-ip_access_policy_manager 11.6.1

f5/big-ip_access_policy_manager 12.0.0

f5/big-ip_access_policy_manager 12.1.0

f5/big-ip_access_policy_manager 12.1.1

f5/big-ip_access_policy_manager 12.1.2

f5/big-ip_advanced_firewall_manager 11.6.1

f5/big-ip_advanced_firewall_manager 12.0.0

f5/big-ip_advanced_firewall_manager 12.1.0

f5/big-ip_advanced_firewall_manager 12.1.1

f5/big-ip_advanced_firewall_manager 12.1.2

... and 40 more

Published May 09, 2017

Tracked Since Feb 18, 2026