Big Ip Edge Gateway
CVE-2016-5023
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionCVE.org
Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic.
AnalysisAI
Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-284. Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic. Affected products include: F5 Big-Ip Edge Gateway, F5 Big-Ip Protocol Security Module, F5 Big-Ip Analytics, F5 Big-Ip Application Security Manager, F5 Big-Ip Advanced Firewall Manager. Version information: through 11.5.4.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Big Ip Edge Gateway
View allThe iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.
The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5
F5 BIG-IP contains an authenticated command injection in the iControl REST API and TMOS Shell (tmsh) save command. Authe
The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before
Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. Rated critical severity (CVSS 9.1), this vu
BIG-IP monitor functionality may allow an attacker to bypass access control restrictions, regardless of the port lockdow
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. R
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. Rated high severity (CVSS 7.8), t
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an
On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands in the Traffic Manageme
Same weakness CWE-284 – Improper Access Control
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today