PT-2017-16903 · F5 · F5 SSL Intercept iApp +1

Published: 2017-04-06 · Updated: 2017-04-12 · CVE-2017-6130

CVSS v3.1: 7.4 (High)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions

F5 SSL Intercept iApp versions 1.5.0 through 1.5.7
F5 SSL Orchestrator version 2.0

Description

The issue allows for a Server-Side Request Forgery (SSRF) attack. This occurs when the Dynamic Domain Bypass (DDB) feature is used along with the SNAT Auto Map option for egress traffic.

Recommendations

For F5 SSL Intercept iApp versions 1.5.0 through 1.5.7, consider disabling the Dynamic Domain Bypass (DDB) feature or the SNAT Auto Map option as a temporary workaround until a patch is available.

For F5 SSL Orchestrator version 2.0, restrict the use of the DDB feature with SNAT Auto Map to minimize the risk of exploitation.

Fix

SSRF

Weakness Enumeration

Related identifiers

CVE-2017-6130

Affected products

F5 SSL Intercept iApp
F5 SSL Orchestrator