CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-6131

In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may contain a default administrative password which could be used to remotely log into the BIG-IP system. The impacted administrative account is the Azure instance administrative user that was created at deployment. The root and admin accounts are not vulnerable. An attacker may be able to remotely access the BIG-IP host via SSH.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 72.4%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2017-6131

F5 » Big-Ip Access Policy Manager » Version: 12.0.0

cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0
F5 » Big-Ip Access Policy Manager » Version: 12.1.0

cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0
F5 » Big-Ip Access Policy Manager » Version: 12.1.1

cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1
F5 » Big-Ip Access Policy Manager » Version: 12.1.2

cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2
F5 » Big-Ip Access Policy Manager » Version: 13.0.0

cpe:2.3:a:f5:big-ip_access_policy_manager:13.0.0
F5 » Big-Ip Advanced Firewall Manager » Version: 12.0.0

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.0

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.1

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.2

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2
F5 » Big-Ip Advanced Firewall Manager » Version: 13.0.0

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.0.0
F5 » Big-Ip Application Acceleration Manager » Version: 12.0.0

cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0
F5 » Big-Ip Application Acceleration Manager » Version: 12.1.0

cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0
F5 » Big-Ip Application Acceleration Manager » Version: 12.1.1

cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1
F5 » Big-Ip Application Acceleration Manager » Version: 12.1.2

cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2
F5 » Big-Ip Application Acceleration Manager » Version: 13.0.0

cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0
F5 » Big-Ip Application Security Manager » Version: 12.0.0

cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0
F5 » Big-Ip Application Security Manager » Version: 12.1.0

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0
F5 » Big-Ip Application Security Manager » Version: 12.1.1

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1
F5 » Big-Ip Application Security Manager » Version: 12.1.2

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2
F5 » Big-Ip Application Security Manager » Version: 13.0.0

cpe:2.3:a:f5:big-ip_application_security_manager:13.0.0
F5 » Big-Ip Domain Name System » Version: 12.0.0

cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0
F5 » Big-Ip Domain Name System » Version: 12.1.0

cpe:2.3:a:f5:big-ip_domain_name_system:12.1.0
F5 » Big-Ip Domain Name System » Version: 12.1.1

cpe:2.3:a:f5:big-ip_domain_name_system:12.1.1
F5 » Big-Ip Domain Name System » Version: 12.1.2

cpe:2.3:a:f5:big-ip_domain_name_system:12.1.2
F5 » Big-Ip Domain Name System » Version: 13.0.0

cpe:2.3:a:f5:big-ip_domain_name_system:13.0.0
F5 » Big-Ip Link Controller » Version: 12.0.0

cpe:2.3:a:f5:big-ip_link_controller:12.0.0
F5 » Big-Ip Link Controller » Version: 12.1.0

cpe:2.3:a:f5:big-ip_link_controller:12.1.0
F5 » Big-Ip Link Controller » Version: 12.1.1

cpe:2.3:a:f5:big-ip_link_controller:12.1.1
F5 » Big-Ip Link Controller » Version: 12.1.2

cpe:2.3:a:f5:big-ip_link_controller:12.1.2
F5 » Big-Ip Link Controller » Version: 13.0.0

cpe:2.3:a:f5:big-ip_link_controller:13.0.0
F5 » Big-Ip Local Traffic Manager » Version: 12.0.0

cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0
F5 » Big-Ip Local Traffic Manager » Version: 12.1.0

cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0
F5 » Big-Ip Local Traffic Manager » Version: 12.1.1

cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1
F5 » Big-Ip Local Traffic Manager » Version: 12.1.2

cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2
F5 » Big-Ip Local Traffic Manager » Version: 13.0.0

cpe:2.3:a:f5:big-ip_local_traffic_manager:13.0.0
F5 » Big-Ip Policy Enforcement Manager » Version: 12.0.0

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0
F5 » Big-Ip Policy Enforcement Manager » Version: 12.1.0

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0
F5 » Big-Ip Policy Enforcement Manager » Version: 12.1.1

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1
F5 » Big-Ip Policy Enforcement Manager » Version: 12.1.2

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2
F5 » Big-Ip Policy Enforcement Manager » Version: 13.0.0

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.0.0
F5 » Big-Ip Websafe » Version: 12.0.0

cpe:2.3:a:f5:big-ip_websafe:12.0.0
F5 » Big-Ip Websafe » Version: 12.1.0

cpe:2.3:a:f5:big-ip_websafe:12.1.0
F5 » Big-Ip Websafe » Version: 12.1.1

cpe:2.3:a:f5:big-ip_websafe:12.1.1
F5 » Big-Ip Websafe » Version: 12.1.2

cpe:2.3:a:f5:big-ip_websafe:12.1.2
F5 » Big-Ip Websafe » Version: 13.0.0

cpe:2.3:a:f5:big-ip_websafe:13.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-6131

Products

Pricing

Contact Us