Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2017-6168

Published: 17/11/2017 Updated: 23/09/2021
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.4 | Impact Score: 5.2 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Subscribe to F5

Vulnerability Summary

On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server's private key itself, aka a ROBOT attack.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

f5 big-ip ltm

f5 big-ip ltm 13.0.0

f5 big-ip application acceleration manager 13.0.0

f5 big-ip application acceleration manager

f5 big-ip afm

f5 big-ip afm 13.0.0

f5 big-ip analytics 13.0.0

f5 big-ip analytics

f5 big-ip apm

f5 big-ip apm 13.0.0

f5 big-ip asm

f5 big-ip asm 13.0.0

f5 big-ip link controller

f5 big-ip link controller 13.0.0

f5 big-ip pem 13.0.0

f5 big-ip pem

f5 websafe 13.0.0

f5 websafe

f5 websafe 11.6.2

Github Repositories

https://github.com/F5Networks/f5-openstack-hot

This repository contains OpenStack Heat Orchestration Templates (HOT) that can be used to deploy and/or configure F5® BIG-IP® in an OpenStack cloud.

This GitHub repository has been archived and is read-only This project is no longer actively maintained F5 OpenStack HOT (Heat Orchestration Templates) Introduction Welcome to the GitHub repository for F5's Heat Orchestration Templates for deploying F5 in OpenStack environments All of the templates in this repository have been developed by F5 Networks engineers Acr

References

CWE-203https://support.f5.com/csp/article/K21905460http://www.securitytracker.com/id/1039839http://www.securityfocus.com/bid/101901https://www.kb.cert.org/vuls/id/144389https://robotattack.org/https://nvd.nist.govhttps://github.com/F5Networks/f5-openstack-hothttps://www.kb.cert.org/vuls/id/144389
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook