MEDIUM · 5.9

CVE-2017-6159

Vulnerability Description

F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and Websafe software versions 12.0.0 to 12.1.2 and 11.6.0 to 11.6.1 are vulnerable to a denial-of-service attack when the MPTCP option is enabled on a virtual server. The data plane is vulnerable when the MPTCP option of a TCP profile is in use; there is no control plane exposure. An attacker may be able to disrupt services by causing TMM to restart, during which it temporarily fails to process traffic.

CVSS Score

5.9

MEDIUM

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: NONE
Integrity: NONE
Availability: HIGH

Affected Products

| Vendor | Product | Versions |
|---|---|---|
| F5 | BIG-IP Local Traffic Manager | 11.6.0 |
| F5 | BIG-IP Application Acceleration Manager | 11.6.0 |
| F5 | BIG-IP Advanced Firewall Manager | 11.6.0 |
| F5 | BIG-IP Access Policy Manager | 11.6.0 |
| F5 | BIG-IP Application Security Manager | 11.6.0 |
| F5 | BIG-IP Link Controller | 11.6.0 |
| F5 | BIG-IP Policy Enforcement Manager | 11.6.0 |
| F5 | BIG-IP Websafe | 1.0.0 |

References

FAQ

What is CVE-2017-6159?

CVE-2017-6159 is a vulnerability with a CVSS score of 5.9 (MEDIUM). F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 are vulnerable to a denial of service attack when the MPTCP op...

How severe is CVE-2017-6159?

CVE-2017-6159 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-6159?

Check the references section above for vendor advisories and patch information. Affected products include: F5 BIG-IP Local Traffic Manager, F5 BIG-IP Application Acceleration Manager, F5 BIG-IP Advanced Firewall Manager, F5 BIG-IP Access Policy Manager, F5 BIG-IP Application Security Manager.