CVE-2016-3687

Name of the Vulnerable Software and Affected Versions F5 BIG-IP APM versions 11.2.1, 11.4.x, 11.5.x, and 11.6.x before 11.6.0 HF6 F5 Edge Gateway version 11.2.1

Description The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. This is achieved via a base64-encoded URL in the SSO ORIG URI parameter when using multi-domain single sign-on (SSO).

Recommendations For F5 BIG-IP APM versions 11.2.1, 11.4.x, 11.5.x, and 11.6.x before 11.6.0 HF6, update to version 11.6.0 HF6 or later. For F5 Edge Gateway version 11.2.1, consider disabling the multi-domain single sign-on (SSO) feature until a patch is available. As a temporary workaround, restrict access to the SSO ORIG URI parameter to minimize the risk of exploitation.