In BIG-IP Versions 17.0.x prior to 17.0.0.1, 16.1.x prior to 16.1.3.1, 15.1.x prior to 15.1.6.1, 14.1.x prior to 14.1.5.1, and all versions of 13.1.x, certain iRules commands may allow an malicious user to bypass the access control restrictions for a self IP address, regardless of the port lockdown settings. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
f5 big-ip advanced firewall manager 17.0.0 |
||
f5 big-ip access policy manager 17.0.0 |
||
f5 big-ip analytics 17.0.0 |
||
f5 big-ip application security manager 17.0.0 |
||
f5 big-ip application acceleration manager 17.0.0 |
||
f5 big-ip policy enforcement manager 17.0.0 |
||
f5 big-ip local traffic manager 17.0.0 |
||
f5 big-ip link controller 17.0.0 |
||
f5 big-ip global traffic manager 17.0.0 |
||
f5 big-ip analytics |
||
f5 big-ip domain name system 17.0.0 |
||
f5 big-ip fraud protection service 17.0.0 |
||
f5 big-ip link controller |
||
f5 big-ip local traffic manager |
||
f5 big-ip policy enforcement manager |
||
f5 big-ip access policy manager |
||
f5 big-ip advanced firewall manager |
||
f5 big-ip application acceleration manager |
||
f5 big-ip application security manager |
||
f5 big-ip domain name system |
||
f5 big-ip fraud protection service |
||
f5 big-ip global traffic manager |