K68401558 : BIG-IP virtual server TCP sequence numbers vulnerability

2016-11-0200:00:00

my.f5.com

189

6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.1%

JSON

Security Advisory Description

Attackers in a privileged network position may be able to obtain TCP sequence numbers (SEQ) from the BIG-IP system for a short period of time (up to 4 seconds) that will be reused in future connections with the same source and destination port and IP numbers.
Impact
Attackers in a privileged network position can spoof SEQ to be used by a future connection.
Note: This vulnerability is specific to BIG-IP virtual servers. However, some network scanners may incorrectly identify this issue as CVE-2002-1463. Additionally, this vulnerability only affects BIG-IP platforms equipped with the HSBe2 chip. For more information, refer to K14779: Overview of BIG-IP SYN cookie protection (11.3.x - 12.x).

CPENameOperatorVersion
big-iq centralized managementeq5.0.0
big-iq centralized managementeq5.1.0
big-iq centralized managementeq5.2.0
big-iq centralized managementeq5.3.0
big-iq centralized managementeq5.4.0
big-iq centralized managementeq6.0.0
big-iq centralized managementeq6.0.1
big-iq centralized managementeq6.1.0
big-iq centralized managementeq7.0.0
big-iq centralized managementeq7.1.0

Name	Operator	Version
big-iq centralized management	eq	5.0.0
big-iq centralized management	eq	5.1.0
big-iq centralized management	eq	5.2.0
big-iq centralized management	eq	5.3.0
big-iq centralized management	eq	5.4.0
big-iq centralized management	eq	6.0.0
big-iq centralized management	eq	6.0.1
big-iq centralized management	eq	6.1.0
big-iq centralized management	eq	7.0.0
big-iq centralized management	eq	7.1.0

Rows per page:

1-10 of 3401