PT-2016-6670 · F5 · F5 Big-Ip Ltm

Published 2016-10-05 · Updated 2016-11-28 · CVE-2016-5745

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

F5 BIG-IP LTM systems versions 11.x before 11.2.1 HF16
F5 BIG-IP LTM systems versions 11.3.x
F5 BIG-IP LTM systems versions 11.4.x before 11.4.1 HF11
F5 BIG-IP LTM systems version 11.5.0
F5 BIG-IP LTM systems versions 11.5.1 before HF11
F5 BIG-IP LTM systems version 11.5.2
F5 BIG-IP LTM systems version 11.5.3
F5 BIG-IP LTM systems versions 11.5.4 before HF2
F5 BIG-IP LTM systems versions 11.6.0 before HF8
F5 BIG-IP LTM systems versions 11.6.1 before HF1
F5 BIG-IP LTM systems versions 12.0.0 before HF4
F5 BIG-IP LTM systems versions 12.1.0 before HF2

Description

The issue allows remote attackers to modify or extract system configuration files via vectors involving NAT64.

Recommendations

For F5 BIG-IP LTM systems versions 11.x before 11.2.1 HF16, update to version 11.2.1 HF16 or later.
For F5 BIG-IP LTM systems versions 11.3.x, update to a version outside of the 11.3.x range.
For F5 BIG-IP LTM systems versions 11.4.x before 11.4.1 HF11, update to version 11.4.1 HF11 or later.
For F5 BIG-IP LTM systems version 11.5.0, update to a version outside of 11.5.0.
For F5 BIG-IP LTM systems versions 11.5.1 before HF11, update to version 11.5.1 HF11 or later.
For F5 BIG-IP LTM systems version 11.5.2, update to a version outside of 11.5.2.
For F5 BIG-IP LTM systems version 11.5.3, update to a version outside of 11.5.3.
For F5 BIG-IP LTM systems versions 11.5.4 before HF2, update to version 11.5.4 HF2 or later.
For F5 BIG-IP LTM systems versions 11.6.0 before HF8, update to version 11.6.0 HF8 or later.
For F5 BIG-IP LTM systems versions 11.6.1 before HF1, update to version 11.6.1 HF1 or later.
For F5 BIG-IP LTM systems versions 12.0.0 before HF4, update to version 12.0.0 HF4 or later.
For F5 BIG-IP LTM systems versions 12.1.0 before HF2, update to version 12.1.0 HF2 or later.

Fix

Improper Access Control

Weakness Enumeration

Related Identifiers

CVE-2016-5745

Affected Products

F5 Big-Ip Ltm