CVE-2017-6130
published 2017-04-06CVE-2017-6130: F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulnerable to a Server-Side Request Forgery (SSRF) attack when deployed using the Dynamic…
high7.4CVSS 3.0
AVNACLPRNUIRSCCNIHAN
F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulnerable to a Server-Side Request Forgery (SSRF) attack when deployed using the Dynamic Domain Bypass (DDB) feature feature plus SNAT Auto Map option for egress traffic.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | ssl_intercept_iapp | — | — |
| f5 | ssl_intercept_iapp | — | — |
| f5 | ssl_intercept_iapp | — | — |
| f5 | ssl_orchestrator | — | — |
| f5 | ssl_orchestrator | — | — |
| f5_networks | ssl_intercept_iapp_1.5.0_1.5.7_and_ssl_orchestrator_2.0 | — | — |