Vulnerability Description
F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, and 11.6.0 before build 6.204.442; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 build 685-HF10; BIG-IQ Cloud, Device, and Security 4.2.0 through 4.5.0; and BIG-IQ ADC 4.5.0 do not properly regenerate certificates and keys when deploying cloud images in Amazon Web Services (AWS), Azure or Verizon cloud services environments, which allows attackers to obtain sensitive information or cause a denial of service (disruption) by leveraging a target instance configuration.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| F5 | BIG-IQ Security | 4.2.0 |
| F5 | BIG-IP WebAccelerator | 11.3.0 |
| F5 | BIG-IP Application Security Manager | 11.3.0 |
| F5 | BIG-IP Access Policy Manager | 11.3.0 |
| F5 | BIG-IP Policy Enforcement Manager | 11.3.0 |
| F5 | BIG-IQ Cloud | 4.2.0 |
| F5 | BIG-IQ Application Delivery Controller | 4.5.0 |
| F5 | BIG-IP Global Traffic Manager | 11.3.0 |
| F5 | BIG-IP Local Traffic Manager | 11.3.0 |
| F5 | BIG-IQ Device | 4.2.0 |
| F5 | BIG-IP Edge Gateway | 11.3.0 |
| F5 | BIG-IP Application Acceleration Manager | 11.4.1 |
| F5 | BIG-IP WAN Optimization Manager | 11.3.0 |
| F5 | BIG-IP Advanced Firewall Manager | 11.3.0 |
| F5 | BIG-IP Link Controller | 11.3.0 |
| F5 | BIG-IP Protocol Security Module | 11.3.0 |
| F5 | BIG-IP Analytics | 11.3.0 |
| F5 | BIG-IP Domain Name System | 12.0.0 |
Related Weaknesses (CWE)
References
- http://www.securitytracker.com/id/1035520
- https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html (Vendor Advisory)
FAQ
What is CVE-2016-2084?
CVE-2016-2084 is a vulnerability with a CVSS score of 7.4 (HIGH). F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6...
How severe is CVE-2016-2084?
CVE-2016-2084 has been rated HIGH with a CVSS base score of 7.4/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2016-2084?
Check the references section above for vendor advisories and patch information. Affected products include: F5 BIG-IQ Security, F5 BIG-IP WebAccelerator, F5 BIG-IP Application Security Manager, F5 BIG-IP Access Policy Manager, F5 BIG-IP Policy Enforcement Manager.