Vulnerability Description
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe 12.1.2-HF1 and 13.0.0, an undisclosed type of responses may cause TMM to restart, causing an interruption of service when "SSL Forward Proxy" setting is enabled in both the Client and Server SSL profiles assigned to a BIG-IP Virtual Server.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| F5 | Big-Ip Local Traffic Manager | 12.1.2 |
| F5 | Big-Ip Application Acceleration Manager | 12.1.2 |
| F5 | Big-Ip Advanced Firewall Manager | 12.1.2 |
| F5 | Big-Ip Analytics | 12.1.2 |
| F5 | Big-Ip Access Policy Manager | 12.1.2 |
| F5 | Big-Ip Application Security Manager | 12.1.2 |
| F5 | Big-Ip Domain Name System | 12.1.2 |
| F5 | Big-Ip Link Controller | 12.1.2 |
| F5 | Big-Ip Policy Enforcement Manager | 12.1.2 |
| F5 | Big-Ip Websafe | 12.1.2 |
References
- http://www.securityfocus.com/bid/100981Third Party AdvisoryVDB Entry
- https://support.f5.com/csp/article/K43945001Vendor Advisory
- http://www.securityfocus.com/bid/100981Third Party AdvisoryVDB Entry
- https://support.f5.com/csp/article/K43945001Vendor Advisory
FAQ
What is CVE-2017-6147?
CVE-2017-6147 is a vulnerability with a CVSS score of 5.9 (MEDIUM). In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe 12.1.2-HF1 and 13.0.0, an undisclosed type of responses may cause TMM to restart, causing an interruption of ser...
How severe is CVE-2017-6147?
CVE-2017-6147 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-6147?
Check the references section above for vendor advisories and patch information. Affected products include: F5 Big-Ip Local Traffic Manager, F5 Big-Ip Application Acceleration Manager, F5 Big-Ip Advanced Firewall Manager, F5 Big-Ip Analytics, F5 Big-Ip Access Policy Manager.