CVE-2017-6169
MEDIUMF5 BIG-IP Policy Enforcement Manager 11.6.0-11.6.2, 12.0.0-12.1.3, 13.0.0 - DoS via Malformed URL
Title source: llmDescription
In versions 13.0.0, 12.0.0-12.1.3, or 11.6.0-11.6.2, an F5 BIG-IP virtual server using the URL categorization feature may cause the Traffic Management Microkernel (TMM) to produce a core file when it receives malformed URLs during categorization.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://support.f5.com/csp/article/K31404801
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1040332
Scores
CVSS v3
6.8
EPSS
0.0067
EPSS Percentile
71.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (9)
f5/big-ip_policy_enforcement_manager
11.6.0
f5/big-ip_policy_enforcement_manager
11.6.1
f5/big-ip_policy_enforcement_manager
11.6.2
f5/big-ip_policy_enforcement_manager
12.0.0
f5/big-ip_policy_enforcement_manager
12.1.0
f5/big-ip_policy_enforcement_manager
12.1.1
f5/big-ip_policy_enforcement_manager
12.1.2
f5/big-ip_policy_enforcement_manager
12.1.3
f5/big-ip_policy_enforcement_manager
13.0.0
Published
Feb 06, 2018
Tracked Since
Feb 18, 2026