CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-6160

In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.4.1 to 11.5.4, a remote attacker may create maliciously crafted HTTP request to cause Traffic Management Microkernel (TMM) to restart and temporarily fail to process traffic. This issue is exposed on virtual servers using a Policy Enforcement profile or a Web Acceleration profile. Systems that do not have BIG-IP AAM module provisioned are not vulnerable. The Traffic Management Microkernel (TMM) may restart and temporarily fail to process traffic. Systems that do not have BIG-IP AAM or PEM module provisioned are not vulnerable.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.046

EPSS Ranking 88.8%

CVSS Severity

CVSS v3 Score 5.9

CVSS v2 Score 4.3

References

Products affected by CVE-2017-6160

F5 » Big-Ip Application Acceleration Manager » Version: 11.4.0

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.0
F5 » Big-Ip Application Acceleration Manager » Version: 11.4.1

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.4.1
F5 » Big-Ip Application Acceleration Manager » Version: 11.5.0

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.0
F5 » Big-Ip Application Acceleration Manager » Version: 11.5.1

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.1
F5 » Big-Ip Application Acceleration Manager » Version: 11.5.2

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.2
F5 » Big-Ip Application Acceleration Manager » Version: 11.5.3

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.3
F5 » Big-Ip Application Acceleration Manager » Version: 11.5.4

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.4
F5 » Big-Ip Application Acceleration Manager » Version: 11.5.5

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.5.5
F5 » Big-Ip Application Acceleration Manager » Version: 11.6.0

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0
F5 » Big-Ip Application Acceleration Manager » Version: 11.6.1

cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.1
F5 » Big-Ip Application Acceleration Manager » Version: 12.0.0

cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0
F5 » Big-Ip Application Acceleration Manager » Version: 12.1.0

cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.0
F5 » Big-Ip Application Acceleration Manager » Version: 12.1.1

cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.1
F5 » Big-Ip Policy Enforcement Manager » Version: 11.4.0

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.0
F5 » Big-Ip Policy Enforcement Manager » Version: 11.4.1

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.4.1
F5 » Big-Ip Policy Enforcement Manager » Version: 11.5.0

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.0
F5 » Big-Ip Policy Enforcement Manager » Version: 11.5.1

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.1
F5 » Big-Ip Policy Enforcement Manager » Version: 11.5.2

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.2
F5 » Big-Ip Policy Enforcement Manager » Version: 11.5.3

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.3
F5 » Big-Ip Policy Enforcement Manager » Version: 11.5.4

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.4
F5 » Big-Ip Policy Enforcement Manager » Version: 11.5.5

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.5.5
F5 » Big-Ip Policy Enforcement Manager » Version: 11.6.0

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0
F5 » Big-Ip Policy Enforcement Manager » Version: 11.6.1

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.1
F5 » Big-Ip Policy Enforcement Manager » Version: 12.0.0

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0
F5 » Big-Ip Policy Enforcement Manager » Version: 12.1.0

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.0
F5 » Big-Ip Policy Enforcement Manager » Version: 12.1.1

cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-6160

Products

Pricing

Contact Us