Lucene search
F5CVE-2017-0303HistoryOct 27, 2017 - 2:29 p.m.
CVE-2017-0303
2017-10-2714:29:00
CWE-459
f5
web.nvd.nist.gov
40
f5 big-ip
ltm
aam
afm
analytics
apm
asm
dns
gtm
link controller
pem
websafe
cve-2017-0303
resource starvation
connection cleanup.
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.003
Percentile
70.0%
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections handled by a Virtual Server with an associated SOCKS profile may not be properly cleaned up, potentially leading to resource starvation. Connections may be left in the connection table which then can only be removed by restarting TMM. Over time this may lead to the BIG-IP being unable to process further connections.
Affected configurations
Node
f5big-ip_local_traffic_managerMatch11.5.0
ORf5big-ip_local_traffic_managerMatch11.5.1
ORf5big-ip_local_traffic_managerMatch11.5.2
ORf5big-ip_local_traffic_managerMatch11.5.3
ORf5big-ip_local_traffic_managerMatch11.5.4
ORf5big-ip_local_traffic_managerMatch11.5.5
ORf5big-ip_local_traffic_managerMatch11.6.0
ORf5big-ip_local_traffic_managerMatch11.6.1
ORf5big-ip_local_traffic_managerMatch12.0.0
ORf5big-ip_local_traffic_managerMatch12.1.0
ORf5big-ip_local_traffic_managerMatch12.1.1
ORf5big-ip_local_traffic_managerMatch12.1.2
ORf5big-ip_local_traffic_managerMatch13.0.0
Node
f5big-ip_application_acceleration_managerMatch11.5.0
ORf5big-ip_application_acceleration_managerMatch11.5.1
ORf5big-ip_application_acceleration_managerMatch11.5.2
ORf5big-ip_application_acceleration_managerMatch11.5.3
ORf5big-ip_application_acceleration_managerMatch11.5.4
ORf5big-ip_application_acceleration_managerMatch11.5.5
ORf5big-ip_application_acceleration_managerMatch11.6.0
ORf5big-ip_application_acceleration_managerMatch11.6.1
ORf5big-ip_application_acceleration_managerMatch12.0.0
ORf5big-ip_application_acceleration_managerMatch12.1.0
ORf5big-ip_application_acceleration_managerMatch12.1.1
ORf5big-ip_application_acceleration_managerMatch12.1.2
ORf5big-ip_application_acceleration_managerMatch13.0.0
Node
f5big-ip_advanced_firewall_managerMatch11.5.0
ORf5big-ip_advanced_firewall_managerMatch11.5.1
ORf5big-ip_advanced_firewall_managerMatch11.5.2
ORf5big-ip_advanced_firewall_managerMatch11.5.3
ORf5big-ip_advanced_firewall_managerMatch11.5.4
ORf5big-ip_advanced_firewall_managerMatch11.5.5
ORf5big-ip_advanced_firewall_managerMatch11.6.0
ORf5big-ip_advanced_firewall_managerMatch11.6.1
ORf5big-ip_advanced_firewall_managerMatch12.0.0
ORf5big-ip_advanced_firewall_managerMatch12.1.0
ORf5big-ip_advanced_firewall_managerMatch12.1.1
ORf5big-ip_advanced_firewall_managerMatch12.1.2
ORf5big-ip_advanced_firewall_managerMatch13.0.0
Node
f5big-ip_access_policy_managerMatch11.5.0
ORf5big-ip_access_policy_managerMatch11.5.1
ORf5big-ip_access_policy_managerMatch11.5.2
ORf5big-ip_access_policy_managerMatch11.5.3
ORf5big-ip_access_policy_managerMatch11.5.4
ORf5big-ip_access_policy_managerMatch11.5.5
ORf5big-ip_access_policy_managerMatch11.6.0
ORf5big-ip_access_policy_managerMatch11.6.1
ORf5big-ip_access_policy_managerMatch12.0.0
ORf5big-ip_access_policy_managerMatch12.1.0
ORf5big-ip_access_policy_managerMatch12.1.1
ORf5big-ip_access_policy_managerMatch12.1.2
ORf5big-ip_access_policy_managerMatch13.0.0
Node
f5big-ip_application_security_managerMatch11.5.0
ORf5big-ip_application_security_managerMatch11.5.1
ORf5big-ip_application_security_managerMatch11.5.2
ORf5big-ip_application_security_managerMatch11.5.3
ORf5big-ip_application_security_managerMatch11.5.4
ORf5big-ip_application_security_managerMatch11.5.5
ORf5big-ip_application_security_managerMatch11.6.0
ORf5big-ip_application_security_managerMatch11.6.1
ORf5big-ip_application_security_managerMatch12.0.0
ORf5big-ip_application_security_managerMatch12.1.0
ORf5big-ip_application_security_managerMatch12.1.1
ORf5big-ip_application_security_managerMatch12.1.2
ORf5big-ip_application_security_managerMatch13.0.0
Node
f5big-ip_link_controllerMatch11.5.0
ORf5big-ip_link_controllerMatch11.5.1
ORf5big-ip_link_controllerMatch11.5.2
ORf5big-ip_link_controllerMatch11.5.3
ORf5big-ip_link_controllerMatch11.5.4
ORf5big-ip_link_controllerMatch11.5.5
ORf5big-ip_link_controllerMatch11.6.0
ORf5big-ip_link_controllerMatch11.6.1
ORf5big-ip_link_controllerMatch12.0.0
ORf5big-ip_link_controllerMatch12.1.0
ORf5big-ip_link_controllerMatch12.1.1
ORf5big-ip_link_controllerMatch12.1.2
ORf5big-ip_link_controllerMatch13.0.0
Node
f5big-ip_policy_enforcement_managerMatch11.5.0
ORf5big-ip_policy_enforcement_managerMatch11.5.1
ORf5big-ip_policy_enforcement_managerMatch11.5.2
ORf5big-ip_policy_enforcement_managerMatch11.5.3
ORf5big-ip_policy_enforcement_managerMatch11.5.4
ORf5big-ip_policy_enforcement_managerMatch11.5.5
ORf5big-ip_policy_enforcement_managerMatch11.6.0
ORf5big-ip_policy_enforcement_managerMatch11.6.1
ORf5big-ip_policy_enforcement_managerMatch12.0.0
ORf5big-ip_policy_enforcement_managerMatch12.1.0
ORf5big-ip_policy_enforcement_managerMatch12.1.1
ORf5big-ip_policy_enforcement_managerMatch12.1.2
ORf5big-ip_policy_enforcement_managerMatch13.0.0
Node
f5big-ip_websafeMatch1.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| f5 | big-ip_local_traffic_manager | 11.5.0 | cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.0:*:*:*:*:*:*:* |
| f5 | big-ip_local_traffic_manager | 11.5.1 | cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.1:*:*:*:*:*:*:* |
| f5 | big-ip_local_traffic_manager | 11.5.2 | cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.2:*:*:*:*:*:*:* |
| f5 | big-ip_local_traffic_manager | 11.5.3 | cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.3:*:*:*:*:*:*:* |
| f5 | big-ip_local_traffic_manager | 11.5.4 | cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.4:*:*:*:*:*:*:* |
| f5 | big-ip_local_traffic_manager | 11.5.5 | cpe:2.3:a:f5:big-ip_local_traffic_manager:11.5.5:*:*:*:*:*:*:* |
| f5 | big-ip_local_traffic_manager | 11.6.0 | cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:* |
| f5 | big-ip_local_traffic_manager | 11.6.1 | cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:* |
| f5 | big-ip_local_traffic_manager | 12.0.0 | cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_local_traffic_manager | 12.1.0 | cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe",
"vendor": "F5 Networks, Inc.",
"versions": [
{
"status": "affected",
"version": "13.0.0"
},
{
"status": "affected",
"version": "12.0.0 - 12.1.2"
},
{
"status": "affected",
"version": "11.5.1 - 11.6.1"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2017-10-27 14:29:00
cvelist
cvelist
CVE-2017-0303
2017-10-27 14:00:00
f5
f5
K30201296 : SOCKS proxy vulnerability CVE-2017-0303
2017-10-26 00:00:00
nvd
nvd
CVE-2017-0303
2017-10-27 14:29:00
nessus
nessus
F5 Networks BIG-IP : SOCKS proxy vulnerability (K30201296)
2017-10-27 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.003
Percentile
70.0%
Related for CVE-2017-0303