CVE-2015-8611
published 2016-01-12CVE-2015-8611: BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and PEM 12.0.0 before HF1 on the 2000, 4000, 5000, 7000, and 10000 platforms do not properly…
critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and PEM 12.0.0 before HF1 on the 2000, 4000, 5000, 7000, and 10000 platforms do not properly sync passwords with the Always-On Management (AOM) subsystem, which might allow remote attackers to obtain login access to AOM via an (1) expired or (2) default password.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | big-ip_access_policy_manager | — | — |
| f5 | big-ip_advanced_firewall_manager | — | — |
| f5 | big-ip_analytics | — | — |
| f5 | big-ip_application_acceleration_manager | — | — |
| f5 | big-ip_application_security_manager | — | — |
| f5 | big-ip_domain_name_system | — | — |
| f5 | big-ip_link_controller | — | — |
| f5 | big-ip_local_traffic_manager | — | — |
| f5 | big-ip_policy_enforcement_manager | — | — |
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2016-01-12
Published