CVE-2017-6162
https://notcve.org/view.php?id=CVE-2017-6162
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, 11.2.1, in some cases TMM may crash when processing TCP traffic. This vulnerability affects TMM via a virtual server configured with TCP profile. Traffic processing is disrupted while Traffic Management Microkernel (TMM) restarts. If the affected BIG-IP system is configured to be part of a device group, it will trigger a failover to the peer device. En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, Websafe en versiones de software de la 12.0.0 a la 12.1.2, de la 11.6.0 a la 11.6.1, de la 11.4.0 a la 11.5.4 y en la versión 11.2.1, en algunos casos, TMM podría cerrarse de manera inesperada cuando procesa tráfico TCP. • http://www.securityfocus.com/bid/101635 http://www.securitytracker.com/id/1039673 https://support.f5.com/csp/article/K13421245 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-6163
https://notcve.org/view.php?id=CVE-2017-6163
In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams beyond the advertised limit can cause a disruption of service. Remote client initiating stream beyond the advertised limit can cause a disruption of service. The Traffic Management Microkernel (TMM) data plane is exposed to this issue; the control plane is not exposed. En F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM en versiones de software de la 12.0.0 a la 12.1.2, de la 11.6.0 a la 11.6.1 y de la 11.4.0 a la 11.5.4, cuando un servidor virtual utiliza la configuración estándar de los perfiles SPDY o HTTP/2 con un perfil Client SSL y el cliente inicia un número de transmisiones concurrentes superior al límite establecido, se puede provocar una interrupción del servicio. El cliente remoto que inicia una transmisión más allá del límite establecido puede provocar una interrupción del servicio. • http://www.securityfocus.com/bid/101606 http://www.securitytracker.com/id/1039671 https://support.f5.com/csp/article/K22541983 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-6165
https://notcve.org/view.php?id=CVE-2017-6165
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms only, the script which synchronizes SafeNet External Network HSM configuration elements between blades in a clustered deployment will log the HSM partition password in cleartext to the "/var/log/ltm" log file. En F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM y WebSafe 11.5.1 HF6 hasta la versión 11.5.4 HF4, 11.6.0 hasta la versión 11.6.1 HF1 y 12.0.0 hasta la versión 12.1.2 solo en plataformas VIPRION, el script que sincroniza elementos de configuración SafeNet External Network HSM entre hojas en una implementación agrupada registrará la contraseña de partición HSM en texto en claro en el archivo de registro "/var/log/ltm". • http://www.securityfocus.com/bid/101543 http://www.securitytracker.com/id/1039638 https://support.f5.com/csp/article/K74759095 • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2016-7469
https://notcve.org/view.php?id=CVE-2016-7469
A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cause the Configuration utility client to become unstable. Una vulnerabilidad de tipo cross-site scripting (XSS) almacenada en la página de cambio de nombre del dispositivo de la utilidad Configuration en BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM y WebSafe versión 12.0.0 hasta 12.1.2, versión 11.4.0 hasta 11.6.1, y versión 11.2.1, permite a un usuario autenticado inyectar un script web o HTML arbitrario. La explotación requiere administrador de recursos o permisos de administrador, y podría causar que el cliente de la utilidad Configuration se vuelva inestable. • http://www.securityfocus.com/bid/95320 http://www.securitytracker.com/id/1037559 http://www.securitytracker.com/id/1037560 https://support.f5.com/csp/article/K97285349 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-6131
https://notcve.org/view.php?id=CVE-2017-6131
In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. The impacted administrative account is the Azure instance administrative user that was created at deployment. The root and admin accounts are not vulnerable. An attacker may be able to remotely access the BIG-IP host via SSH. En algunas circunstancias, una instancia de nube de Azure de F5 BIG-IP versiones 12.0.0 hasta 12.1.2 y versión 13.0.0, puede contener una contraseña administrativa por defecto que podría usarse para iniciar sesión de manera remota en el sistema BIG-IP. • http://www.securitytracker.com/id/1038569 https://support.f5.com/csp/article/K61757346 • CWE-798: Use of Hard-coded Credentials •