QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-6160

Back to search

CVE-2017-6160

Published: Oct 27, 2017

Modified: Sep 16, 2024

PUBLISHED

Description

In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.4.1 to 11.5.4, a remote attacker may create maliciously crafted HTTP request to cause Traffic Management Microkernel (TMM) to restart and temporarily fail to process traffic. This issue is exposed on virtual servers using a Policy Enforcement profile or a Web Acceleration profile. Systems that do not have BIG-IP AAM module provisioned are not vulnerable. The Traffic Management Microkernel (TMM) may restart and temporarily fail to process traffic. Systems that do not have BIG-IP AAM or PEM module provisioned are not vulnerable.

VendorProductVersions

F5 Networks, Inc.

BIG-IP AAM, PEM

affected
12.0.0 - 12.1.1
affected
11.6.0 - 11.6.1
affected
11.4.1 - 11.5.4

References

1039670
vdb-entry
x_refsource_SECTRACK
101632
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now