| Title | 複数の F5 BIG-IP 製品 におけるアクセス制御に関する脆弱性 |
|---|---|
| Summary | 複数の F5 BIG-IP 製品 には、アクセス制御に関する脆弱性が存在します。 |
| Possible impacts | サービス運用妨害 (DoS) 状態にされる可能性があります。 |
| Solution | ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date | May 5, 2017, midnight |
| Registration Date | June 13, 2017, 6:16 p.m. |
| Last Update | June 13, 2017, 6:16 p.m. |
| CVSS3.0 : 警告 | |
| Score | 5.9 |
|---|---|
| Vector | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
| CVSS2.0 : 警告 | |
| Score | 4.3 |
|---|---|
| Vector | AV:N/AC:M/Au:N/C:N/I:N/A:P |
| F5 Networks |
| BIG-IP Access Policy Manager (APM) |
| BIG-IP Advanced Firewall Manager (AFM) |
| BIG-IP Analytics |
| BIG-IP Application Acceleration Manager (AAM) |
| BIG-IP Application Security Manager (ASM) |
| BIG-IP Domain Name System (DNS) |
| BIG-IP Edge Gateway |
| BIG-IP Global Traffic Manager (GTM) |
| BIG-IP Link Controller |
| BIG-IP Local Traffic Manager (LTM) |
| BIG-IP Policy Enforcement Manager (PEM) |
| BIG-IP WebSafe |
| No | Changed Details | Date of change |
|---|---|---|
| 0 | [2017年06月13日] 掲載 |
Feb. 17, 2018, 10:37 a.m. |
| Summary | In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN cookie protection is engaged may cause a disruption of service to the Traffic Management Microkernel (TMM) on specific platforms and configurations. |
|---|---|
| Publication Date | May 10, 2017, 12:29 a.m. |
| Registration Date | Jan. 26, 2021, 1:26 p.m. |
| Last Update | Nov. 21, 2024, 12:29 p.m. |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:* | |||||
| Configuration2 | or higher | or less | more than | less than | |
| cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2:*:*:*:*:*:*:* | |||||
| Configuration3 | or higher | or less | more than | less than | |
| cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1:*:*:*:*:*:*:* | |||||
| Configuration4 | or higher | or less | more than | less than | |
| cpe:2.3:a:f5:big-ip_analytics:11.6.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_analytics:12.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_analytics:12.1.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_analytics:12.1.1:*:*:*:*:*:*:* | |||||
| Configuration5 | or higher | or less | more than | less than | |
| cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:* | |||||
| Configuration6 | or higher | or less | more than | less than | |
| cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2:*:*:*:*:*:*:* | |||||
| Configuration7 | or higher | or less | more than | less than | |
| cpe:2.3:a:f5:big-ip_domain_name_system:12.1.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_domain_name_system:12.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_domain_name_system:12.1.1:*:*:*:*:*:*:* | |||||
| Configuration8 | or higher | or less | more than | less than | |
| cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.1:*:*:*:*:*:*:* | |||||
| Configuration9 | or higher | or less | more than | less than | |
| cpe:2.3:a:f5:big-ip_link_controller:12.1.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_link_controller:12.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_link_controller:11.6.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_link_controller:12.1.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:* | |||||
| Configuration10 | or higher | or less | more than | less than | |
| cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0:*:*:*:*:*:*:* | |||||
| Configuration11 | or higher | or less | more than | less than | |
| cpe:2.3:a:f5:big-ip_websafe:11.6.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_websafe:12.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_websafe:12.0.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_websafe:12.1.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:f5:big-ip_websafe:12.1.2:*:*:*:*:*:*:* | |||||