cbcvebase.
CVE-2017-6157
published 2017-10-27

CVE-2017-6157: In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.0 -…

high8.1CVSS 3.0
AVNACHPRNUINSUCHIHAH
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.0 - 11.5.4, virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable to an unauthenticated, remote attack that allows modification of BIG-IP system configuration, extraction of sensitive system files, and/or possible remote command execution on the BIG-IP system.

Affected

55 ranges· showing 25
VendorProductVersion rangeFixed in
f5big-ip_aam
f5big-ip_access_policy_manager
f5big-ip_access_policy_manager
f5big-ip_access_policy_manager
f5big-ip_access_policy_manager
f5big-ip_access_policy_manager
f5big-ip_access_policy_manager11.5.0 – 11.5.4
f5big-ip_advanced_firewall_manager
f5big-ip_advanced_firewall_manager
f5big-ip_advanced_firewall_manager
f5big-ip_advanced_firewall_manager
f5big-ip_advanced_firewall_manager
f5big-ip_advanced_firewall_manager11.5.0 – 11.5.4
f5big-ip_afm
f5big-ip_apm
f5big-ip_application_acceleration_manager
f5big-ip_application_acceleration_manager
f5big-ip_application_acceleration_manager
f5big-ip_application_acceleration_manager
f5big-ip_application_acceleration_manager
f5big-ip_application_acceleration_manager11.5.0 – 11.5.4
f5big-ip_application_security_manager
f5big-ip_application_security_manager
f5big-ip_application_security_manager
f5big-ip_application_security_manager