7.4

CVE-2016-2084

EPSS 0.48%
Veröffentlicht 13.04.2016 16:59:10
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, and 11.6.0 before build 6.204.442; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 build 685-HF10; BIG-IQ Cloud, Device, and Security 4.2.0 through 4.5.0; and BIG-IQ ADC 4.5.0 do not properly regenerate certificates and keys when deploying cloud images in Amazon Web Services (AWS), Azure or Verizon cloud services environments, which allows attackers to obtain sensitive information or cause a denial of service (disruption) by leveraging a target instance configuration.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

F5 ≫ Big-iq Security Version4.2.0

F5 ≫ Big-iq Security Version4.3.0

F5 ≫ Big-iq Security Version4.4.0

F5 ≫ Big-iq Security Version4.5.0

F5 ≫ Big-ip Webaccelerator Version11.3.0

F5 ≫ Big-ip Application Security Manager Version11.3.0

F5 ≫ Big-ip Application Security Manager Version11.4.0

F5 ≫ Big-ip Application Security Manager Version11.4.1

F5 ≫ Big-ip Application Security Manager Version11.5.0

F5 ≫ Big-ip Application Security Manager Version11.5.1

F5 ≫ Big-ip Application Security Manager Version11.5.2

F5 ≫ Big-ip Application Security Manager Version11.5.3

F5 ≫ Big-ip Application Security Manager Version11.5.4

F5 ≫ Big-ip Application Security Manager Version11.6.0

F5 ≫ Big-ip Application Security Manager Version12.0.0

F5 ≫ Big-ip Access Policy Manager Version11.3.0

F5 ≫ Big-ip Access Policy Manager Version11.4.0

F5 ≫ Big-ip Access Policy Manager Version11.4.1

F5 ≫ Big-ip Access Policy Manager Version11.5.0

F5 ≫ Big-ip Access Policy Manager Version11.5.1

F5 ≫ Big-ip Access Policy Manager Version11.5.2

F5 ≫ Big-ip Access Policy Manager Version11.5.3

F5 ≫ Big-ip Access Policy Manager Version11.5.4

F5 ≫ Big-ip Access Policy Manager Version11.6.0

F5 ≫ Big-ip Access Policy Manager Version12.0.0

F5 ≫ Big-ip Policy Enforcement Manager Version11.3.0

F5 ≫ Big-ip Policy Enforcement Manager Version11.4.0

F5 ≫ Big-ip Policy Enforcement Manager Version11.4.1

F5 ≫ Big-ip Policy Enforcement Manager Version11.5.0

F5 ≫ Big-ip Policy Enforcement Manager Version11.5.1

F5 ≫ Big-ip Policy Enforcement Manager Version11.5.2

F5 ≫ Big-ip Policy Enforcement Manager Version11.5.3

F5 ≫ Big-ip Policy Enforcement Manager Version11.5.4

F5 ≫ Big-ip Policy Enforcement Manager Version11.6.0

F5 ≫ Big-ip Policy Enforcement Manager Version12.0.0

F5 ≫ Big-iq Cloud Version4.2.0

F5 ≫ Big-iq Cloud Version4.3.0

F5 ≫ Big-iq Cloud Version4.4.0

F5 ≫ Big-iq Cloud Version4.5.0

F5 ≫ Big-iq Application Delivery Controller Version4.5.0

F5 ≫ Big-ip Global Traffic Manager Version11.3.0

F5 ≫ Big-ip Global Traffic Manager Version11.4.0

F5 ≫ Big-ip Global Traffic Manager Version11.4.1

F5 ≫ Big-ip Global Traffic Manager Version11.5.0

F5 ≫ Big-ip Global Traffic Manager Version11.5.1

F5 ≫ Big-ip Global Traffic Manager Version11.5.2

F5 ≫ Big-ip Global Traffic Manager Version11.5.3

F5 ≫ Big-ip Global Traffic Manager Version11.5.4

F5 ≫ Big-ip Global Traffic Manager Version11.6.0

F5 ≫ Big-ip Local Traffic Manager Version11.3.0

F5 ≫ Big-ip Local Traffic Manager Version11.4.0

F5 ≫ Big-ip Local Traffic Manager Version11.4.1

F5 ≫ Big-ip Local Traffic Manager Version11.5.0

F5 ≫ Big-ip Local Traffic Manager Version11.5.1

F5 ≫ Big-ip Local Traffic Manager Version11.5.2

F5 ≫ Big-ip Local Traffic Manager Version11.5.3

F5 ≫ Big-ip Local Traffic Manager Version11.5.4

F5 ≫ Big-ip Local Traffic Manager Version11.6.0

F5 ≫ Big-ip Local Traffic Manager Version12.0.0

F5 ≫ Big-iq Device Version4.2.0

F5 ≫ Big-iq Device Version4.3.0

F5 ≫ Big-iq Device Version4.4.0

F5 ≫ Big-iq Device Version4.5.0

F5 ≫ Big-ip Edge Gateway Version11.3.0

F5 ≫ Big-ip Application Acceleration Manager Version11.4.1

F5 ≫ Big-ip Application Acceleration Manager Version11.5.0

F5 ≫ Big-ip Application Acceleration Manager Version11.5.1

F5 ≫ Big-ip Application Acceleration Manager Version11.5.2

F5 ≫ Big-ip Application Acceleration Manager Version11.5.3

F5 ≫ Big-ip Application Acceleration Manager Version11.5.4

F5 ≫ Big-ip Application Acceleration Manager Version11.6.0

F5 ≫ Big-ip Application Acceleration Manager Version12.0.0

F5 ≫ Big-ip Wan Optimization Manager Version11.3.0

F5 ≫ Big-ip Advanced Firewall Manager Version11.3.0

F5 ≫ Big-ip Advanced Firewall Manager Version11.4.0

F5 ≫ Big-ip Advanced Firewall Manager Version11.4.1

F5 ≫ Big-ip Advanced Firewall Manager Version11.5.0

F5 ≫ Big-ip Advanced Firewall Manager Version11.5.1

F5 ≫ Big-ip Advanced Firewall Manager Version11.5.2

F5 ≫ Big-ip Advanced Firewall Manager Version11.5.3

F5 ≫ Big-ip Advanced Firewall Manager Version11.5.4

F5 ≫ Big-ip Advanced Firewall Manager Version11.6.0

F5 ≫ Big-ip Advanced Firewall Manager Version12.0.0

F5 ≫ Big-ip Link Controller Version11.3.0

F5 ≫ Big-ip Link Controller Version11.4.0

F5 ≫ Big-ip Link Controller Version11.4.1

F5 ≫ Big-ip Link Controller Version11.5.0

F5 ≫ Big-ip Link Controller Version11.5.1

F5 ≫ Big-ip Link Controller Version11.5.2

F5 ≫ Big-ip Link Controller Version11.5.3

F5 ≫ Big-ip Link Controller Version11.5.4

F5 ≫ Big-ip Link Controller Version11.6.0

F5 ≫ Big-ip Link Controller Version12.0.0

F5 ≫ Big-ip Protocol Security Module Version11.3.0

F5 ≫ Big-ip Protocol Security Module Version11.4.0

F5 ≫ Big-ip Analytics Version11.3.0

F5 ≫ Big-ip Analytics Version11.4.0

F5 ≫ Big-ip Analytics Version11.4.1

F5 ≫ Big-ip Analytics Version11.5.0

F5 ≫ Big-ip Analytics Version11.5.1

F5 ≫ Big-ip Analytics Version11.5.2

F5 ≫ Big-ip Analytics Version11.5.3

F5 ≫ Big-ip Analytics Version11.5.4

F5 ≫ Big-ip Analytics Version11.6.0

F5 ≫ Big-ip Analytics Version12.0.0

F5 ≫ Big-ip Domain Name System Version12.0.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.48%	0.642

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.4	2.2	5.2	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
nvd@nist.gov	4	4.9	4.9	AV:N/AC:H/Au:N/C:P/I:N/A:P

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www.securitytracker.com/id/1035520

https://support.f5.com/kb/en-us/solutions/public/k/11/sol11772107.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2016-2084

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-2084

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-2084

EUVD