← volver
CVE-2017-6161

CVE-2017-6161

EPSS 1.0%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 1.0%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
27 oct 2017Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. This vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack via resource exhaustion.
Productos afectados
F5 Networks, Inc. · BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://support.f5.com/csp/article/K62279530http://www.securityfocus.com/bid/101636http://www.securitytracker.com/id/1039675http://www.securitytracker.com/id/1039676