CVE-2017-6161

MEDIUM

F5 BIG-IP 11.2.1, 11.4.0-11.5.4, 11.6.0-11.6.1, 12.0.0-12.1.2 DoS via ConfigSync

Title source: llm
STIX 2.1

Description

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. This vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack via resource exhaustion.

References (4)

Core 4
Core References
Vendor Advisory x_refsource_confirm
https://support.f5.com/csp/article/K62279530
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1039676
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/101636
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1039675

Scores

CVSS v3 5.3
EPSS 0.0275
EPSS Percentile 86.2%
Attack Vector ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-400
Status published
Products (50)
f5/big-ip_access_policy_manager 11.2.1
f5/big-ip_access_policy_manager 11.6.0
f5/big-ip_access_policy_manager 11.6.1
f5/big-ip_access_policy_manager 12.0.0
f5/big-ip_access_policy_manager 12.1.0
f5/big-ip_access_policy_manager 12.1.1
f5/big-ip_access_policy_manager 12.1.2
f5/big-ip_access_policy_manager 11.5.0 - 11.5.4
f5/big-ip_advanced_firewall_manager 11.2.1
f5/big-ip_advanced_firewall_manager 11.6.0
... and 40 more
Published Oct 27, 2017
Tracked Since Feb 18, 2026