6.8
CVE-2017-6169
- EPSS 0.68%
- Published 06.02.2018 13:29:00
- Last modified 21.11.2024 03:29:11
- Source f5sirt@f5.com
- Teams watchlist Login
- Open Login
In versions 13.0.0, 12.0.0-12.1.3, or 11.6.0-11.6.2, an F5 BIG-IP virtual server using the URL categorization feature may cause the Traffic Management Microkernel (TMM) to produce a core file when it receives malformed URLs during categorization.
Data is provided by the National Vulnerability Database (NVD)
F5 ≫ Big-ip Policy Enforcement Manager Version11.6.0
F5 ≫ Big-ip Policy Enforcement Manager Version11.6.1
F5 ≫ Big-ip Policy Enforcement Manager Version11.6.2
F5 ≫ Big-ip Policy Enforcement Manager Version12.0.0
F5 ≫ Big-ip Policy Enforcement Manager Version12.1.0
F5 ≫ Big-ip Policy Enforcement Manager Version12.1.1
F5 ≫ Big-ip Policy Enforcement Manager Version12.1.2
F5 ≫ Big-ip Policy Enforcement Manager Version12.1.3
F5 ≫ Big-ip Policy Enforcement Manager Version13.0.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.68% | 0.691 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 2.2 | 4 |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.