PT-2017-10510 · F5 · F5 SSL Intercept iApp
Published: 2017-04-06 · Updated: 2019-10-03 · CVE-2017-0305
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
F5 SSL Intercept iApp versions 1.5.0 through 1.5.7
Description
An unauthenticated, remote attacker may be able to modify the BIG-IP system configuration, extract sensitive system files, and possibly execute commands remotely on the system when the iApp is deployed using the Explicit Proxy feature together with the SNAT Auto Map option for egress traffic.
Recommendations
For F5 SSL Intercept iApp versions 1.5.0 through 1.5.7, consider disabling the Explicit Proxy feature with SNAT Auto Map option for egress traffic until a patch is available. Restrict access to sensitive system files and configuration to minimize the risk of exploitation.
Fix
Related Identifiers
Affected Products
BIG-IP
F5 SSL Intercept iApp