CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-6159

F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 are vulnerable to a denial of service attack when the MPTCP option is enabled on a virtual server. Data plane is vulnerable when using the MPTCP option of a TCP profile. There is no control plane exposure. An attacker may be able to disrupt services by causing TMM to restart hence temporarily failing to process traffic.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.6%

CVSS Severity

CVSS v3 Score 5.9

CVSS v2 Score 4.3

References

Products affected by CVE-2017-6159

F5 » Big-Ip Access Policy Manager » Version: 11.6.0

cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0
F5 » Big-Ip Access Policy Manager » Version: 11.6.1

cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1
F5 » Big-Ip Access Policy Manager » Version: 12.0.0

cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0
F5 » Big-Ip Access Policy Manager » Version: 12.1.0

cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0
F5 » Big-Ip Access Policy Manager » Version: 12.1.1

cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1
F5 » Big-Ip Access Policy Manager » Version: 12.1.2

cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2
F5 » Big-Ip Advanced Firewall Manager » Version: 11.6.0

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0
F5 » Big-Ip Advanced Firewall Manager » Version: 11.6.1

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.1
F5 » Big-Ip Advanced Firewall Manager » Version: 12.0.0

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.0

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.0
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.1

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.1
F5 » Big-Ip Advanced Firewall Manager » Version: 12.1.2

cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.2
F5 » Big-Ip Application Acceleration Manager » Version: 11.6.0

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0
F5 » Big-Ip Application Acceleration Manager » Version: 11.6.1

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1
F5 » Big-Ip Application Acceleration Manager » Version: 12.0.0

cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0
F5 » Big-Ip Application Acceleration Manager » Version: 12.1.0

cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0
F5 » Big-Ip Application Acceleration Manager » Version: 12.1.1

cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1
F5 » Big-Ip Application Acceleration Manager » Version: 12.1.2

cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.2
F5 » Big-Ip Application Security Manager » Version: 11.6.0

cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0
F5 » Big-Ip Application Security Manager » Version: 11.6.1

cpe:2.3:a:f5:big-ip_application_security_manager:11.6.1
F5 » Big-Ip Application Security Manager » Version: 12.0.0

cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0
F5 » Big-Ip Application Security Manager » Version: 12.1.0

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.0
F5 » Big-Ip Application Security Manager » Version: 12.1.1

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.1
F5 » Big-Ip Application Security Manager » Version: 12.1.2

cpe:2.3:a:f5:big-ip_application_security_manager:12.1.2
F5 » Big-Ip Link Controller » Version: 11.6.0

cpe:2.3:a:f5:big-ip_link_controller:11.6.0
F5 » Big-Ip Link Controller » Version: 11.6.1

cpe:2.3:a:f5:big-ip_link_controller:11.6.1
F5 » Big-Ip Link Controller » Version: 12.0.0

cpe:2.3:a:f5:big-ip_link_controller:12.0.0
F5 » Big-Ip Link Controller » Version: 12.1.0

cpe:2.3:a:f5:big-ip_link_controller:12.1.0
F5 » Big-Ip Link Controller » Version: 12.1.1

cpe:2.3:a:f5:big-ip_link_controller:12.1.1
F5 » Big-Ip Link Controller » Version: 12.1.2

cpe:2.3:a:f5:big-ip_link_controller:12.1.2
F5 » Big-Ip Local Traffic Manager » Version: 11.6.0

cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0
F5 » Big-Ip Local Traffic Manager » Version: 11.6.1

cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1
F5 » Big-Ip Local Traffic Manager » Version: 12.0.0

cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0
F5 » Big-Ip Local Traffic Manager » Version: 12.1.0

cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0
F5 » Big-Ip Local Traffic Manager » Version: 12.1.1

cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1
F5 » Big-Ip Local Traffic Manager » Version: 12.1.2

cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2
F5 » Big-Ip Policy Enforcement Manager » Version: 11.6.0

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0
F5 » Big-Ip Policy Enforcement Manager » Version: 11.6.1

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1
F5 » Big-Ip Policy Enforcement Manager » Version: 12.0.0

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0
F5 » Big-Ip Policy Enforcement Manager » Version: 12.1.0

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0
F5 » Big-Ip Policy Enforcement Manager » Version: 12.1.1

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1
F5 » Big-Ip Policy Enforcement Manager » Version: 12.1.2

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.2
F5 » Big-Ip Websafe » Version: 1.0.0

cpe:2.3:a:f5:big-ip_websafe:1.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-6159

Products

Pricing

Contact Us