CVE-2015-8099: Input Validation
First published: Fri May 13 2016(Updated: )
F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10; Enterprise Manager 3.0.0 through 3.1.1; BIG-IQ Cloud and BIG-IQ Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 on the 3900, 6900, 8900, 8950, 11000, 11050, PB100 and PB200 platforms, when software SYN cookies are configured on virtual servers, allow remote attackers to cause a denial of service (High-Speed Bridge hang) via an invalid TCP segment.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 Access Policy Manager | =11.3.0 | |
| F5 Access Policy Manager | =11.4.0 | |
| F5 Access Policy Manager | =11.4.1 | |
| F5 Access Policy Manager | =11.5.0 | |
| F5 Access Policy Manager | =11.5.1 | |
| F5 Access Policy Manager | =11.5.2 | |
| F5 Access Policy Manager | =11.5.3 | |
| F5 Access Policy Manager | =11.6.0 | |
| F5 Access Policy Manager | =12.0.0 | |
| Exinda WAN Optimization Suite | =11.3.0 | |
| F5 Application Security Manager | =11.3.0 | |
| F5 Application Security Manager | =11.4.0 | |
| F5 Application Security Manager | =11.4.1 | |
| F5 Application Security Manager | =11.5.0 | |
| F5 Application Security Manager | =11.5.1 | |
| F5 Application Security Manager | =11.5.2 | |
| F5 Application Security Manager | =11.5.3 | |
| F5 Application Security Manager | =11.6.0 | |
| F5 Application Security Manager | =12.0.0 | |
| F5 BIG-IP Link Controller | =11.3.0 | |
| F5 BIG-IP Link Controller | =11.4.0 | |
| F5 BIG-IP Link Controller | =11.4.1 | |
| F5 BIG-IP Link Controller | =11.5.0 | |
| F5 BIG-IP Link Controller | =11.5.1 | |
| F5 BIG-IP Link Controller | =11.5.2 | |
| F5 BIG-IP Link Controller | =11.5.3 | |
| F5 BIG-IP Link Controller | =11.6.0 | |
| F5 BIG-IP Link Controller | =12.0.0 | |
| F5 BIG-IP Advanced Firewall Manager | =11.3.0 | |
| F5 BIG-IP Advanced Firewall Manager | =11.4.0 | |
| F5 BIG-IP Advanced Firewall Manager | =11.4.1 | |
| F5 BIG-IP Advanced Firewall Manager | =11.5.0 | |
| F5 BIG-IP Advanced Firewall Manager | =11.5.1 | |
| F5 BIG-IP Advanced Firewall Manager | =11.5.2 | |
| F5 BIG-IP Advanced Firewall Manager | =11.5.3 | |
| F5 BIG-IP Advanced Firewall Manager | =11.6.0 | |
| F5 BIG-IP Advanced Firewall Manager | =12.0.0 | |
| F5 BIG-IP Analytics | =11.3.0 | |
| F5 BIG-IP Analytics | =11.4.0 | |
| F5 BIG-IP Analytics | =11.4.1 | |
| F5 BIG-IP Analytics | =11.5.0 | |
| F5 BIG-IP Analytics | =11.5.1 | |
| F5 BIG-IP Analytics | =11.5.2 | |
| F5 BIG-IP Analytics | =11.5.3 | |
| F5 BIG-IP Analytics | =11.6.0 | |
| F5 BIG-IP Analytics | =12.0.0 | |
| F5 BIG-IP Protocol Security Manager | =11.3.0 | |
| F5 BIG-IP Protocol Security Manager | =11.4.0 | |
| F5 BIG-IP Protocol Security Manager | =11.4.1 | |
| F5 BIG-IQ Device | =4.2.0 | |
| F5 BIG-IQ Security | =4.0.0 | |
| F5 BIG-IQ Security | =4.1.0 | |
| F5 BIG-IQ Security | =4.2.0 | |
| F5 BIG-IQ Security | =4.3.0 | |
| F5 BIG-IQ Security | =4.4.0 | |
| F5 BIG-IQ Security | =4.5.0 | |
| F5 BIG-IQ Application Delivery Controller | =4.5.0 | |
| F5 BIG-IP Edge Gateway | =11.3.0 | |
| Riverbed SteelApp Traffic Manager | =11.3.0 | |
| Riverbed SteelApp Traffic Manager | =11.4.0 | |
| Riverbed SteelApp Traffic Manager | =11.4.1 | |
| Riverbed SteelApp Traffic Manager | =11.5.0 | |
| Riverbed SteelApp Traffic Manager | =11.5.1 | |
| Riverbed SteelApp Traffic Manager | =11.5.2 | |
| Riverbed SteelApp Traffic Manager | =11.5.3 | |
| Riverbed SteelApp Traffic Manager | =11.6.0 | |
| Riverbed SteelApp Traffic Manager | =10.2.0 | |
| Riverbed SteelApp Traffic Manager | =11.3.0 | |
| Riverbed SteelApp Traffic Manager | =11.4.0 | |
| Riverbed SteelApp Traffic Manager | =11.4.1 | |
| Riverbed SteelApp Traffic Manager | =11.5.0 | |
| Riverbed SteelApp Traffic Manager | =11.5.1 | |
| Riverbed SteelApp Traffic Manager | =11.5.2 | |
| Riverbed SteelApp Traffic Manager | =11.5.3 | |
| Riverbed SteelApp Traffic Manager | =11.6.0 | |
| Riverbed SteelApp Traffic Manager | =12.0.0 | |
| F5 BIG-IQ Cloud and Orchestration | =1.0.0 | |
| F5 BIG-IQ Cloud and Orchestration | =4.0.0 | |
| F5 BIG-IQ Cloud and Orchestration | =4.1.0 | |
| F5 BIG-IQ Cloud and Orchestration | =4.2.0 | |
| F5 BIG-IQ Cloud and Orchestration | =4.3.0 | |
| F5 BIG-IQ Cloud and Orchestration | =4.4.0 | |
| F5 BIG-IQ Cloud and Orchestration | =4.5.0 | |
| F5 BIG-IP and BIG-IQ Centralized Management | =4.6.0 | |
| F5 BIG-IQ Device | =4.3.0 | |
| F5 BIG-IQ Device | =4.4.0 | |
| F5 BIG-IQ Device | =4.5.0 | |
| F5 BIG-IP Policy Enforcement Manager | =11.3.0 | |
| F5 BIG-IP Policy Enforcement Manager | =11.4.0 | |
| F5 BIG-IP Policy Enforcement Manager | =11.4.1 | |
| F5 BIG-IP Policy Enforcement Manager | =11.5.0 | |
| F5 BIG-IP Policy Enforcement Manager | =11.5.1 | |
| F5 BIG-IP Policy Enforcement Manager | =11.5.2 | |
| F5 BIG-IP Policy Enforcement Manager | =11.5.3 | |
| F5 BIG-IP Policy Enforcement Manager | =11.6.0 | |
| F5 BIG-IP Policy Enforcement Manager | =12.0.0 | |
| F5 BIG-IP | =12.0.0 | |
| F5 BIG-IP Application Acceleration Manager | =11.4.0 | |
| F5 BIG-IP Application Acceleration Manager | =11.4.1 | |
| F5 BIG-IP Application Acceleration Manager | =11.5.0 | |
| F5 BIG-IP Application Acceleration Manager | =11.5.1 | |
| F5 BIG-IP Application Acceleration Manager | =11.5.2 | |
| F5 BIG-IP Application Acceleration Manager | =11.5.3 | |
| F5 BIG-IP Application Acceleration Manager | =11.6.0 | |
| F5 BIG-IP Application Acceleration Manager | =12.0.0 | |
| F5 Enterprise Manager | =3.0.0 | |
| F5 Enterprise Manager | =3.1.0 | |
| F5 Enterprise Manager | =3.1.1 | |
| F5 BIG-IP WebAccelerator | =11.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-8099?
CVE-2015-8099 has a critical severity rating due to the potential for remote code execution.
How do I fix CVE-2015-8099?
To fix CVE-2015-8099, upgrade to F5 BIG-IP software versions 11.4.1 HF10, 11.5.4, 11.6.1, or 12.0.0 HF1 or later.
What are the affected versions for CVE-2015-8099?
F5 BIG-IP versions 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1 are affected by CVE-2015-8099.
Which F5 products are impacted by CVE-2015-8099?
CVE-2015-8099 impacts various F5 products including BIG-IP LTM, APM, ASM, Analytics, and others.
Is CVE-2015-8099 being actively exploited?
Yes, CVE-2015-8099 is known to be actively exploited in the wild, making it crucial for users to apply the necessary patches.
- agent/type
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- vendor/f5
- canonical/f5 access policy manager
- version/f5 access policy manager/11.3.0
- version/f5 access policy manager/11.4.0
- version/f5 access policy manager/11.4.1
- version/f5 access policy manager/11.5.0
- version/f5 access policy manager/11.5.1
- version/f5 access policy manager/11.5.2
- version/f5 access policy manager/11.5.3
- version/f5 access policy manager/11.6.0
- version/f5 access policy manager/12.0.0
- canonical/exinda wan optimization suite
- version/exinda wan optimization suite/11.3.0
- canonical/f5 application security manager
- version/f5 application security manager/11.3.0
- version/f5 application security manager/11.4.0
- version/f5 application security manager/11.4.1
- version/f5 application security manager/11.5.0
- version/f5 application security manager/11.5.1
- version/f5 application security manager/11.5.2
- version/f5 application security manager/11.5.3
- version/f5 application security manager/11.6.0
- version/f5 application security manager/12.0.0
- canonical/f5 big-ip link controller
- version/f5 big-ip link controller/11.3.0
- version/f5 big-ip link controller/11.4.0
- version/f5 big-ip link controller/11.4.1
- version/f5 big-ip link controller/11.5.0
- version/f5 big-ip link controller/11.5.1
- version/f5 big-ip link controller/11.5.2
- version/f5 big-ip link controller/11.5.3
- version/f5 big-ip link controller/11.6.0
- version/f5 big-ip link controller/12.0.0
- canonical/f5 big-ip advanced firewall manager
- version/f5 big-ip advanced firewall manager/11.3.0
- version/f5 big-ip advanced firewall manager/11.4.0
- version/f5 big-ip advanced firewall manager/11.4.1
- version/f5 big-ip advanced firewall manager/11.5.0
- version/f5 big-ip advanced firewall manager/11.5.1
- version/f5 big-ip advanced firewall manager/11.5.2
- version/f5 big-ip advanced firewall manager/11.5.3
- version/f5 big-ip advanced firewall manager/11.6.0
- version/f5 big-ip advanced firewall manager/12.0.0
- canonical/f5 big-ip analytics
- version/f5 big-ip analytics/11.3.0
- version/f5 big-ip analytics/11.4.0
- version/f5 big-ip analytics/11.4.1
- version/f5 big-ip analytics/11.5.0
- version/f5 big-ip analytics/11.5.1
- version/f5 big-ip analytics/11.5.2
- version/f5 big-ip analytics/11.5.3
- version/f5 big-ip analytics/11.6.0
- version/f5 big-ip analytics/12.0.0
- canonical/f5 big-ip protocol security manager
- version/f5 big-ip protocol security manager/11.3.0
- version/f5 big-ip protocol security manager/11.4.0
- version/f5 big-ip protocol security manager/11.4.1
- canonical/f5 big-iq device
- version/f5 big-iq device/4.2.0
- canonical/f5 big-iq security
- version/f5 big-iq security/4.0.0
- version/f5 big-iq security/4.1.0
- version/f5 big-iq security/4.2.0
- version/f5 big-iq security/4.3.0
- version/f5 big-iq security/4.4.0
- version/f5 big-iq security/4.5.0
- canonical/f5 big-iq application delivery controller
- version/f5 big-iq application delivery controller/4.5.0
- canonical/f5 big-ip edge gateway
- version/f5 big-ip edge gateway/11.3.0
- canonical/riverbed steelapp traffic manager
- version/riverbed steelapp traffic manager/11.3.0
- version/riverbed steelapp traffic manager/11.4.0
- version/riverbed steelapp traffic manager/11.4.1
- version/riverbed steelapp traffic manager/11.5.0
- version/riverbed steelapp traffic manager/11.5.1
- version/riverbed steelapp traffic manager/11.5.2
- version/riverbed steelapp traffic manager/11.5.3
- version/riverbed steelapp traffic manager/11.6.0
- version/riverbed steelapp traffic manager/10.2.0
- version/riverbed steelapp traffic manager/12.0.0
- canonical/f5 big-iq cloud and orchestration
- version/f5 big-iq cloud and orchestration/1.0.0
- version/f5 big-iq cloud and orchestration/4.0.0
- version/f5 big-iq cloud and orchestration/4.1.0
- version/f5 big-iq cloud and orchestration/4.2.0
- version/f5 big-iq cloud and orchestration/4.3.0
- version/f5 big-iq cloud and orchestration/4.4.0
- version/f5 big-iq cloud and orchestration/4.5.0
- canonical/f5 big-ip and big-iq centralized management
- version/f5 big-ip and big-iq centralized management/4.6.0
- version/f5 big-iq device/4.3.0
- version/f5 big-iq device/4.4.0
- version/f5 big-iq device/4.5.0
- canonical/f5 big-ip policy enforcement manager
- version/f5 big-ip policy enforcement manager/11.3.0
- version/f5 big-ip policy enforcement manager/11.4.0
- version/f5 big-ip policy enforcement manager/11.4.1
- version/f5 big-ip policy enforcement manager/11.5.0
- version/f5 big-ip policy enforcement manager/11.5.1
- version/f5 big-ip policy enforcement manager/11.5.2
- version/f5 big-ip policy enforcement manager/11.5.3
- version/f5 big-ip policy enforcement manager/11.6.0
- version/f5 big-ip policy enforcement manager/12.0.0
- canonical/f5 big-ip
- version/f5 big-ip/12.0.0
- canonical/f5 big-ip application acceleration manager
- version/f5 big-ip application acceleration manager/11.4.0
- version/f5 big-ip application acceleration manager/11.4.1
- version/f5 big-ip application acceleration manager/11.5.0
- version/f5 big-ip application acceleration manager/11.5.1
- version/f5 big-ip application acceleration manager/11.5.2
- version/f5 big-ip application acceleration manager/11.5.3
- version/f5 big-ip application acceleration manager/11.6.0
- version/f5 big-ip application acceleration manager/12.0.0
- canonical/f5 enterprise manager
- version/f5 enterprise manager/3.0.0
- version/f5 enterprise manager/3.1.0
- version/f5 enterprise manager/3.1.1
- canonical/f5 big-ip webaccelerator
- version/f5 big-ip webaccelerator/11.3.0