CVE-2017-6164

Published: Dec 21, 2017

Modified: Sep 17, 2024

PUBLISHED

Description

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, 12.0.0 - 12.1.2, 11.6.0 - 11.6.1 and 11.5.0 - 11.5.4, in some circumstances, Traffic Management Microkernel (TMM) does not properly handle certain malformed TLS1.2 records, which allows remote attackers to cause a denial-of-service (DoS) or possible remote command execution on the BIG-IP system.

Vendor	Product	Versions
F5 Networks, Inc.	BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe	affected `13.0.0` affected `12.0.0 - 12.1.2` affected `11.6.0 - 11.6.1` affected `11.5.0 - 11.5.4`

References

1040054

vdb-entry

x_refsource_SECTRACK

https://support.f5.com/csp/article/K02714910

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-6164

Description

Affected Products

References