F5 Ssl Intercept Iapp vulnerabilities
2 known vulnerabilities affecting f5/ssl_intercept_iapp.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2017-0305CRITICALCVSS 9.8v1.5.0v1.5.72017-04-06
CVE-2017-0305 [CRITICAL] CVE-2017-0305: F5 SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that
F5 SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, and possible remote command execution on the system when deployed using the Explicit Proxy feature plus SNAT Auto Map option for egress traffic.
nvd
CVE-2017-6130HIGHCVSS 7.4v1.5.0v1.5.72017-04-06
CVE-2017-6130 [HIGH] CWE-918 CVE-2017-6130: F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulnerable to a Server-Side Request
F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulnerable to a Server-Side Request Forgery (SSRF) attack when deployed using the Dynamic Domain Bypass (DDB) feature feature plus SNAT Auto Map option for egress traffic.
nvd