PT-2017-9193 · F5 · F5 Big-Ip

Published: 2017-03-23 · Updated: 2019-06-06 · CVE-2016-7468

CVSS v3.1: 5.9 (Medium)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

F5 BIG-IP versions 11.4.1 through 11.5.4

Description

An unauthenticated remote attacker may disrupt services on affected devices with maliciously crafted network traffic. This issue affects virtual servers associated with TCP profiles when the tm.tcpprogressive db variable value is set to the non-default setting "enabled". The default value for the tm.tcpprogressive db variable is "negotiate". An attacker may disrupt traffic or cause the BIG-IP system to fail over to another device in the device group.

Recommendations

For F5 BIG-IP versions 11.4.1 through 11.5.4, consider changing the tm.tcpprogressive db variable value to its default setting "negotiate" to mitigate the risk of disruption.

Fix

Improper Access Control

Weakness Enumeration

Related Identifiers

CVE-2016-7468

Affected Products

F5 Big-Ip