4.3
CVSSv2

CVE-2017-6137

Published: 09/05/2017 Updated: 03/10/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 up to and including 12.1.2, undisclosed traffic patterns received while software SYN cookie protection is engaged may cause a disruption of service to the Traffic Management Microkernel (TMM) on specific platforms and configurations.

Affected Products

Vendor Product Versions
F5Big-ip Access Policy Manager11.6.1, 12.0.0, 12.1.0, 12.1.1, 12.1.2
F5Big-ip Advanced Firewall Manager11.6.1, 12.0.0, 12.1.0, 12.1.1, 12.1.2
F5Big-ip Analytics11.6.1, 12.0.0, 12.1.0, 12.1.1, 12.1.2
F5Big-ip Application Acceleration Manager11.6.1, 12.0.0, 12.1.0, 12.1.1, 12.1.2
F5Big-ip Application Security Manager11.6.1, 12.0.0, 12.1.0, 12.1.1, 12.1.2
F5Big-ip Domain Name System12.0.0, 12.1.0, 12.1.1, 12.1.2
F5Big-ip Global Traffic Manager11.6.1
F5Big-ip Link Controller11.6.1, 12.0.0, 12.1.0, 12.1.1, 12.1.2
F5Big-ip Local Traffic Manager11.6.1, 12.0.0, 12.1.0, 12.1.1, 12.1.2
F5Big-ip Policy Enforcement Manager11.6.1, 12.0.0, 12.1.0, 12.1.1, 12.1.2
F5Big-ip Websafe11.6.1, 12.0.0, 12.1.0, 12.1.1, 12.1.2