CVE-2017-0305
published 2017-04-06

Priority: P260 | critical | 9.8 (CVSS 3.0)
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 3.78% (88.6th percentile)
F5 SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, and possible remote command execution on the system when deployed using the Explicit Proxy feature plus SNAT Auto Map option for egress traffic.

Affected

4 ranges
Vendor | Product | Version range | Fixed in
f5 | ssl_intercept_iapp | |
f5 | ssl_intercept_iapp | |
f5 | ssl_intercept_iapp | |
f5_networks | ssl_intercept_iapp_version | |

Detection & IOCs (extracted from sources)

  • Vulnerability is only exploitable when the F5 SSL Intercept iApp is deployed with BOTH the Explicit Proxy feature AND the SNAT Auto Map option for egress traffic enabled simultaneously.
  • Affected versions are F5 SSL Intercept iApp 1.5.0 through 1.5.7 only; deployments outside this version range are not affected.

CVSS provenance

nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P