PT-2016-7151 · F5 · Big-Ip Apm+13
Publicado
2016-09-07
·
Atualizado
2019-06-06
·
CVE-2016-6876
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
F5 BIG-IP LTM versions 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x through 11.5.3, 11.6.x through 11.6.0, and 12.0.0
F5 BIG-IP APM versions 11.4.x, 11.5.x through 11.5.3, 11.6.x through 11.6.0, and 12.0.0
F5 BIG-IP ASM versions 11.4.x, 11.5.x through 11.5.3, 11.6.x through 11.6.0, and 12.0.0
F5 BIG-IP AAM versions 11.4.x, 11.5.x through 11.5.3, 11.6.x through 11.6.0, and 12.0.0
F5 BIG-IP AFM versions 11.4.x, 11.5.x through 11.5.3, 11.6.x through 11.6.0, and 12.0.0
F5 BIG-IP PEM versions 11.4.x, 11.5.x through 11.5.3, 11.6.x through 11.6.0, and 12.0.0
F5 BIG-IP Analytics versions 11.2.1, 11.4.x, 11.5.x through 11.5.3, 11.6.x through 11.6.0, and 12.0.0
F5 BIG-IP DNS version 12.0.0
F5 BIG-IP Edge Gateway versions 10.2.1 through 10.2.4 and 11.2.1
F5 BIG-IP WebAccelerator versions 10.2.1 through 10.2.4 and 11.2.1
F5 BIG-IP WOM versions 10.2.1 through 10.2.4 and 11.2.1
F5 BIG-IP GTM versions 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x through 11.5.3, and 11.6.x through 11.6.0
F5 BIG-IP PSM versions 10.2.1 through 10.2.4 and 11.4.0 through 11.4.1
F5 BIG-IP Link Controller versions 10.2.1 through 10.2.4
Description
The issue allows remote DNS servers to cause a denial of service via a crafted PTR response, potentially leading to CPU consumption or a Traffic Management Microkernel crash.
Recommendations
For F5 BIG-IP LTM versions 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x through 11.5.3, 11.6.x through 11.6.0, and 12.0.0, update to a fixed version.
For F5 BIG-IP APM versions 11.4.x, 11.5.x through 11.5.3, 11.6.x through 11.6.0, and 12.0.0, update to a fixed version.
For F5 BIG-IP ASM versions 11.4.x, 11.5.x through 11.5.3, 11.6.x through 11.6.0, and 12.0.0, update to a fixed version.
For F5 BIG-IP AAM versions 11.4.x, 11.5.x through 11.5.3, 11.6.x through 11.6.0, and 12.0.0, update to a fixed version.
For F5 BIG-IP AFM versions 11.4.x, 11.5.x through 11.5.3, 11.6.x through 11.6.0, and 12.0.0, update to a fixed version.
For F5 BIG-IP PEM versions 11.4.x, 11.5.x through 11.5.3, 11.6.x through 11.6.0, and 12.0.0, update to a fixed version.
For F5 BIG-IP Analytics versions 11.2.1, 11.4.x, 11.5.x through 11.5.3, 11.6.x through 11.6.0, and 12.0.0, update to a fixed version.
For F5 BIG-IP DNS version 12.0.0, update to a fixed version.
For F5 BIG-IP Edge Gateway versions 10.2.1 through 10.2.4 and 11.2.1, update to a fixed version.
For F5 BIG-IP WebAccelerator versions 10.2.1 through 10.2.4 and 11.2.1, update to a fixed version.
For F5 BIG-IP WOM versions 10.2.1 through 10.2.4 and 11.2.1, update to a fixed version.
For F5 BIG-IP GTM versions 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x through 11.5.3, and 11.6.x through 11.6.0, update to a fixed version.
For F5 BIG-IP PSM versions 10.2.1 through 10.2.4 and 11.4.0 through 11.4.1, update to a fixed version.
For F5 BIG-IP Link Controller versions 10.2.1 through 10.2.4, update to a fixed version.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Big-Ip Aam
Big-Ip Afm
Big-Ip Apm
Big-Ip Asm
Big-Ip Analytics
Big-Ip Dns
Big-Ip Edge Gateway
Big-Ip Gtm
Big-Ip Ltm
Big-Ip Link Controller
Big-Ip Pem
Big-Ip Psm
Big-Ip Wom
Big-Ip Webaccelerator