In BIG-IP Versions 17.0.x prior to 17.0.0.1, 16.1.x prior to 16.1.3.1, 15.1.x prior to 15.1.6.1, 14.1.x prior to 14.1.5.1, and all versions of 13.1.x, certain iRules commands may allow an malicious user to bypass the access control restrictions for a self IP address, regardless of the port lockdown settings. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
f5 big-ip advanced firewall manager 17.0.0 |
||
f5 big-ip access policy manager 17.0.0 |
||
f5 big-ip analytics 17.0.0 |
||
f5 big-ip application security manager 17.0.0 |
||
f5 big-ip application acceleration manager 17.0.0 |
||
f5 big-ip policy enforcement manager 17.0.0 |
||
f5 big-ip local traffic manager 17.0.0 |
||
f5 big-ip link controller 17.0.0 |
||
f5 big-ip global traffic manager 17.0.0 |
||
f5 big-ip fraud protection service 17.0.0 |
||
f5 big-ip domain name system 17.0.0 |
||
f5 big-ip analytics |
||
f5 big-ip link controller |
||
f5 big-ip local traffic manager |
||
f5 big-ip policy enforcement manager |
||
f5 big-ip global traffic manager |
||
f5 big-ip fraud protection service |
||
f5 big-ip domain name system |
||
f5 big-ip application security manager |
||
f5 big-ip application acceleration manager |
||
f5 big-ip advanced firewall manager |
||
f5 big-ip access policy manager |