CVE-2017-6162
MEDIUMF5 BIG-IP 11.2.1-12.1.2 DoS via TCP Traffic Processing
Title source: llmDescription
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, 11.2.1, in some cases TMM may crash when processing TCP traffic. This vulnerability affects TMM via a virtual server configured with TCP profile. Traffic processing is disrupted while Traffic Management Microkernel (TMM) restarts. If the affected BIG-IP system is configured to be part of a device group, it will trigger a failover to the peer device.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/101635
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1039673
Vendor Advisory x_refsource_confirm
https://support.f5.com/csp/article/K13421245
Scores
CVSS v3
5.9
EPSS
0.0152
EPSS Percentile
81.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-119
Status
published
Products (50)
f5/big-ip_access_policy_manager
11.2.1
f5/big-ip_access_policy_manager
11.6.0
f5/big-ip_access_policy_manager
11.6.1
f5/big-ip_access_policy_manager
12.0.0
f5/big-ip_access_policy_manager
12.1.0
f5/big-ip_access_policy_manager
12.1.1
f5/big-ip_access_policy_manager
11.5.0 - 11.5.4
f5/big-ip_advanced_firewall_manager
11.2.1
f5/big-ip_advanced_firewall_manager
11.6.0
f5/big-ip_advanced_firewall_manager
11.6.1
... and 40 more
Published
Oct 27, 2017
Tracked Since
Feb 18, 2026