CVE-2017-0305
Published 2017-04-06
Priority P260, critical, 9.8 (CVSS 3.0)
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 3.78% (88.6th percentile)
F5 SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, and possible remote command execution on the system when deployed using the Explicit Proxy feature plus SNAT Auto Map option for egress traffic.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | ssl_intercept_iapp | — | — |
| f5 | ssl_intercept_iapp | — | — |
| f5 | ssl_intercept_iapp | — | — |
| f5_networks | ssl_intercept_iapp_version | — | — |
Detection & IOCs
- Vulnerability is only exploitable when the F5 SSL Intercept iApp is deployed with BOTH the Explicit Proxy feature AND the SNAT Auto Map option for egress traffic enabled simultaneously.
- Affected versions are F5 SSL Intercept iApp 1.5.0 through 1.5.7 only; deployments outside this version range are not affected.
CVSS provenance
- nvd, v3.0: 9.8 CRITICAL, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- nvd, v2.0: 7.5 HIGH, AV:N/AC:L/Au:N/C:P/I:P/A:P
GHSA
GHSA-xqxc-xrjc-68wf: F5 SSL Intercept iApp version 1
ghsa_unreviewed·2022-05-13
F5
CVE-2017-0305: F5 SSL Intercept iApp version 1
vendor_f5·2017-04-06·CVSS 9.8
Affected Products: SSL Intercept iApp
Affected Versions: 1.5.0; 1.5.7
F5 Advisory Articles: K53244431
F5 References: https://support.f5.com/csp/article/K53244431
No detection rules found.
Nuclei
Ncast busiFacade - Remote Command Execution
nuclei·CVSS 7.5
CVE-2024-0305 [MEDIUM] Ncast busiFacade - Remote Command Execution
The Ncast Yingshi high-definition intelligent recording and playback system is a newly developed audio and video recording and playback system. The system has RCE vulnerabilities in versions 2017 and earlier.
Template:
```yaml
id: CVE-2024-0305
info:
  name: Ncast busiFacade - Remote Command Execution
  author: BMCel
  severity: high
  description: |
    The Ncast Yingshi high-definition intelligent recording and playback system is a newly developed audio and video recording and playback system. The system has RCE vulnerabilities in versions 2017 and earlier.
  remediation: |
    Apply the latest security patches and updates from the vendor to address this vulnerability.
  impact: |
    Allows remote attackers to execute arbitrary code on the affected system.
  reference:
    - h
```
No writeups or analysis indexed.
2017-04-06: Published