Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2017-6161

UNKNOWN
Published 2017-10-27T14:00:00Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2017-6161. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. This vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack via resource exhaustion.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

F5 Networks, Inc.

BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator

Affected Versions:

12.0.0 - 12.1.2 11.6.0 &#xe2 &#x80 " 11.6.1 11.4.0 &#xe2 " 11.5.4 11.2.1

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-r2cf-532c-v5v7

Advisory Details

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. This vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack via resource exhaustion.

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2017-6161
WEB https://support.f5.com/csp/article/K62279530
WEB http://www.securityfocus.com/bid/101636
WEB http://www.securitytracker.com/id/1039675
WEB http://www.securitytracker.com/id/1039676

Advisory provided by GitHub Security Advisory Database. Published: May 17, 2022, Modified: May 17, 2022

References

https://support.f5.com/csp/article/K62279530
http://www.securitytracker.com/id/1039676
http://www.securityfocus.com/bid/101636
http://www.securitytracker.com/id/1039675
Published: 2017-10-27T14:00:00Z
Last Modified: 2024-09-16T20:31:33.873Z
Copied to clipboard!