4
CVSSv2

CVE-2016-2084

Published: 13/04/2016 Updated: 21/04/2016
CVSS v2 Base Score: 4 | Impact Score: 4.9 | Exploitability Score: 4.9
CVSS v3 Base Score: 7.4 | Impact Score: 5.2 | Exploitability Score: 2.2
VMScore: 356
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:P

Vulnerability Summary

F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x prior to 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 prior to 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x prior to 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 prior to 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x prior to 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 prior to 11.5.4 build 0.1.256, and 11.6.0 before build 6.204.442; BIG-IP PSM 11.3.x and 11.4.x prior to 11.4.1 build 685-HF10; BIG-IQ Cloud, Device, and Security 4.2.0 up to and including 4.5.0; and BIG-IQ ADC 4.5.0 do not properly regenerate certificates and keys when deploying cloud images in Amazon Web Services (AWS), Azure or Verizon cloud services environments, which allows malicious users to obtain sensitive information or cause a denial of service (disruption) by leveraging a target instance configuration.

Affected Products

Vendor Product Versions
F5Big-ip Access Policy Manager11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 12.0.0
F5Big-ip Advanced Firewall Manager11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 12.0.0
F5Big-ip Analytics11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 12.0.0
F5Big-ip Application Acceleration Manager11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 12.0.0
F5Big-ip Application Security Manager11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 12.0.0
F5Big-ip Domain Name System12.0.0
F5Big-ip Edge Gateway11.3.0
F5Big-ip Global Traffic Manager11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0
F5Big-ip Link Controller11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 12.0.0
F5Big-ip Local Traffic Manager11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 12.0.0
F5Big-ip Policy Enforcement Manager11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 12.0.0
F5Big-ip Protocol Security Module11.3.0, 11.4.0
F5Big-ip Wan Optimization Manager11.3.0
F5Big-ip Webaccelerator11.3.0
F5Big-iq Application Delivery Controller4.5.0
F5Big-iq Cloud4.2.0, 4.3.0, 4.4.0, 4.5.0
F5Big-iq Device4.2.0, 4.3.0, 4.4.0, 4.5.0
F5Big-iq Security4.2.0, 4.3.0, 4.4.0, 4.5.0

Github Repositories

Introduction f5-aws-migratepy is a Python 27 script that automates the migration of a BIG-IP instance to another instance in AWS for the two types of BIG-IP images available on the AWS Marketplace The script begins by gathering a BIG-IP UCS (User Configuration Set; a backup) file and polling AWS to gather instance configuration details It then terminates the original instan