Default credentials

2017-03-2314:59:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.0%

JSON

An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system’s tm.tcpprogressive db variable value is set to non-default setting “enabled”. The default value for the tm.tcpprogressive db variable is “negotiate”. An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group.

CPENameOperatorVersion
big-ip_access_policy_managereq11.5.2
big-ip_access_policy_managereq11.5.0
big-ip_access_policy_managereq11.5.1
big-ip_access_policy_managereq11.5.3
big-ip_access_policy_managereq11.4.0
big-ip_access_policy_managereq11.5.4
big-ip_access_policy_managereq11.4.1
big-ip_advanced_firewall_managereq11.5.4
big-ip_advanced_firewall_managereq11.5.2
big-ip_advanced_firewall_managereq11.4.1

Name	Operator	Version
big-ip_access_policy_manager	eq	11.5.2
big-ip_access_policy_manager	eq	11.5.0
big-ip_access_policy_manager	eq	11.5.1
big-ip_access_policy_manager	eq	11.5.3
big-ip_access_policy_manager	eq	11.4.0
big-ip_access_policy_manager	eq	11.5.4
big-ip_access_policy_manager	eq	11.4.1
big-ip_advanced_firewall_manager	eq	11.5.4
big-ip_advanced_firewall_manager	eq	11.5.2
big-ip_advanced_firewall_manager	eq	11.4.1