4.3
CVSSv2

CVE-2015-8099

Published: 13/05/2016 Updated: 06/06/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x prior to 11.4.1 HF10, 11.5.x prior to 11.5.4, 11.6.x prior to 11.6.1, and 12.x prior to 12.0.0 HF1; BIG-IP AAM 11.4.x prior to 11.4.1 HF10, 11.5.x prior to 11.5.4, 11.6.x prior to 11.6.1, and 12.x prior to 12.0.0 HF1; BIG-IP DNS 12.x prior to 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x prior to 11.4.1 HF10, 11.5.x prior to 11.5.4, and 11.6.x prior to 11.6.1; BIG-IP PSM 11.3.x and 11.4.x prior to 11.4.1 HF10; Enterprise Manager 3.0.0 up to and including 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 up to and including 4.5.0; BIG-IQ Device 4.2.0 up to and including 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote malicious users to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment.

Affected Products

Vendor Product Versions
F5Big-ip Access Policy Manager11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.6.0, 12.0.0
F5Big-ip Advanced Firewall Manager11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.6.0, 12.0.0
F5Big-ip Analytics11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.6.0, 12.0.0
F5Big-ip Application Acceleration Manager11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.6.0, 12.0.0
F5Big-ip Application Security Manager11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.6.0, 12.0.0
F5Big-ip Domain Name System12.0.0
F5Big-ip Edge Gateway11.3.0
F5Big-ip Enterprise Manager3.0.0, 3.1.0, 3.1.1
F5Big-ip Global Traffic Manager11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.6.0
F5Big-ip Link Controller11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.6.0, 12.0.0
F5Big-ip Local Traffic Manager10.2.0, 11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.6.0, 12.0.0
F5Big-ip Policy Enforcement Manager11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.6.0, 12.0.0
F5Big-ip Protocol Security Module11.3.0, 11.4.0, 11.4.1
F5Big-ip Wan Optimization Manager11.3.0
F5Big-ip Webaccelerator11.3.0
F5Big-iq Application Delivery Controller4.5.0
F5Big-iq Centralized Management4.6.0
F5Big-iq Cloud4.0.0, 4.1.0, 4.2.0, 4.3.0, 4.4.0, 4.5.0
F5Big-iq Cloud And Orchestration1.0.0
F5Big-iq Device4.2.0, 4.3.0, 4.4.0, 4.5.0
F5Big-iq Security4.0.0, 4.1.0, 4.2.0, 4.3.0, 4.4.0, 4.5.0