4.3
CVE-2015-7759
- EPSS 0.75%
- Published 12.01.2016 20:59:01
- Last modified 12.04.2025 10:46:40
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 12.0.0 before HF1, when the TCP profile for a virtual server is configured with Congestion Metrics Cache enabled, allow remote attackers to cause a denial of service (Traffic Management Microkernel (TMM) restart) via crafted ICMP packets, related to Path MTU (PMTU) discovery.
Data is provided by the National Vulnerability Database (NVD)
F5 ≫ Big-ip Analytics Version12.0.0
F5 ≫ Big-ip Application Acceleration Manager Version12.0.0
F5 ≫ Big-ip Link Controller Version12.0.0
F5 ≫ Big-ip Advanced Firewall Manager Version12.0.0
F5 ≫ Big-ip Policy Enforcement Manager Version12.0.0
F5 ≫ Big-ip Local Traffic Manager Version12.0.0
F5 ≫ Big-ip Access Policy Manager Version12.0.0
F5 ≫ Big-ip Application Security Manager Version12.0.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.75% | 0.721 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 3.7 | 2.2 | 1.4 |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.