[Forgot Password]
Login  Register Subscribe

23631

 
 

126951

 
 

99536

 
 

909

 
 

80128

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2016-7468

Date: (C)2017-03-25   (M)2017-12-07 


An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system's tm.tcpprogressive db variable value is set to non-default setting "enabled". The default value for the tm.tcpprogressive db variable is "negotiate". An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group.

CVSS Score: 4.3Access Vector: NETWORK
Exploit Score: 8.6Access Complexity: MEDIUM
Impact Score: 2.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: PARTIAL





Reference:
SECTRACK-1038121
BID-97119
https://support.f5.com/csp/article/K13053402

CPE    65
cpe:/a:f5:big-ip_analytics:11.4.1
cpe:/a:f5:big-ip_analytics:11.4.0
cpe:/a:f5:big-ip_analytics:11.5.0
cpe:/a:f5:big-ip_application_security_manager:11.4.0
...
CWE    1
CWE-284

© 2013 SecPod Technologies