CVE-2017-6161

Name of the Vulnerable Software and Affected Versions F5 BIG-IP software versions 11.2.1, 11.4.0 through 11.5.4, 11.6.0 through 11.6.1, 12.0.0 through 12.1.2

Description The issue allows attackers on adjacent networks to bypass TLS protections, potentially leading to a denial-of-service (DoS) attack via resource exhaustion when ConfigSync is configured. This could affect connections to mcpd.

Recommendations For versions 11.2.1, consider disabling ConfigSync to prevent exploitation until a fix is available. For versions 11.4.0 through 11.5.4, restrict access to mcpd to minimize the risk of resource exhaustion. For versions 11.6.0 through 11.6.1, avoid using ConfigSync until the issue is resolved. For versions 12.0.0 through 12.1.2, consider implementing additional security measures to prevent adjacent network attacks.