7.8
CVSSv2

CVE-2013-6016

Published: 26/10/2013 Updated: 29/08/2017
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, and WOM 10.0.0 through 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.4.1; and WebAccelerator 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.3.0 might change a TCP connection to the ESTABLISHED state before receiving the ACK packet, which allows remote malicious users to cause a denial of service (SIGFPE or assertion failure and TMM restart) via unspecified vectors.

Affected Products

Vendor Product Versions
F5Big-ip Access Policy Manager10.1.0, 10.2.0, 10.2.1, 10.2.2, 11.0.0
F5Big-ip Application Security Manager10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.2.2, 11.0.0
F5Big-ip Edge Gateway10.1.0, 10.2.0, 10.2.1, 10.2.2, 11.0.0
F5Big-ip Global Traffic Manager10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.2.2, 11.0.0
F5Big-ip Link Controller10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.2.2, 11.0.0
F5Big-ip Local Traffic Manager10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.2.2, 11.0.0
F5Big-ip Protocol Security Module9.4.5, 9.4.6, 9.4.7, 9.4.8, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.0.0, 11.1.0, 11.2.0, 11.2.1, 11.3.0, 11.4.0, 11.4.1
F5Big-ip Wan Optimization Manager10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.2.2, 11.0.0
F5Big-ip Webaccelerator9.4.0, 9.4.1, 9.4.2, 9.4.3, 9.4.4, 9.4.5, 9.4.6, 9.4.7, 9.4.8, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.0.0, 11.1.0, 11.2.0, 11.2.1, 11.3.0