QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-6159

Back to search

CVE-2017-6159

Published: Oct 27, 2017

Modified: Sep 17, 2024

PUBLISHED

Description

F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 are vulnerable to a denial of service attack when the MPTCP option is enabled on a virtual server. Data plane is vulnerable when using the MPTCP option of a TCP profile. There is no control plane exposure. An attacker may be able to disrupt services by causing TMM to restart hence temporarily failing to process traffic.

VendorProductVersions

F5 Networks, Inc.

BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe

affected
12.0.0 - 12.1.2
affected
11.6.0 &#xe2
affected
&#x80
affected
" 11.6.1

References

1039669
vdb-entry
x_refsource_SECTRACK
101633
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now