CVE-2016-5700
First published: Mon Oct 03 2016(Updated: )
Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2, when configured with the HTTP Explicit Proxy functionality or SOCKS profile, allow remote attackers to modify the system configuration, read system files, and possibly execute arbitrary code via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 BIG-IP Policy Enforcement Manager | =11.5.0 | |
| F5 BIG-IP Policy Enforcement Manager | =11.5.1 | |
| F5 BIG-IP Policy Enforcement Manager | =11.5.2 | |
| F5 BIG-IP Policy Enforcement Manager | =11.5.3 | |
| F5 BIG-IP Policy Enforcement Manager | =11.5.4 | |
| F5 BIG-IP Policy Enforcement Manager | =11.6.0 | |
| F5 BIG-IP Policy Enforcement Manager | =11.6.1 | |
| F5 BIG-IP Policy Enforcement Manager | =12.0.0 | |
| F5 BIG-IP Policy Enforcement Manager | =12.1.0 | |
| F5 BIG-IP Local Traffic Manager | =11.5.0 | |
| F5 BIG-IP Local Traffic Manager | =11.5.1 | |
| F5 BIG-IP Local Traffic Manager | =11.5.2 | |
| F5 BIG-IP Local Traffic Manager | =11.5.3 | |
| F5 BIG-IP Local Traffic Manager | =11.5.4 | |
| F5 BIG-IP Local Traffic Manager | =11.6.0 | |
| F5 BIG-IP Local Traffic Manager | =11.6.1 | |
| F5 BIG-IP Local Traffic Manager | =12.0.0 | |
| F5 BIG-IP Local Traffic Manager | =12.1.0 | |
| F5 WebSafe | =11.6.0 | |
| F5 WebSafe | =11.6.1 | |
| F5 WebSafe | =12.0.0 | |
| F5 WebSafe | =12.1.0 | |
| f5 big-ip link controller | =11.5.0 | |
| f5 big-ip link controller | =11.5.1 | |
| f5 big-ip link controller | =11.5.2 | |
| f5 big-ip link controller | =11.5.3 | |
| f5 big-ip link controller | =11.5.4 | |
| f5 big-ip link controller | =11.6.0 | |
| f5 big-ip link controller | =11.6.1 | |
| f5 big-ip link controller | =12.0.0 | |
| f5 big-ip link controller | =12.1.0 | |
| f5 big-ip application acceleration manager | =11.5.0 | |
| f5 big-ip application acceleration manager | =11.5.1 | |
| f5 big-ip application acceleration manager | =11.5.2 | |
| f5 big-ip application acceleration manager | =11.5.3 | |
| f5 big-ip application acceleration manager | =11.5.4 | |
| f5 big-ip application acceleration manager | =11.6.0 | |
| f5 big-ip application acceleration manager | =11.6.1 | |
| f5 big-ip application acceleration manager | =12.0.0 | |
| f5 big-ip application acceleration manager | =12.1.0 | |
| F5 BIG-IP Access Policy Manager | =11.5.0 | |
| F5 BIG-IP Access Policy Manager | =11.5.1 | |
| F5 BIG-IP Access Policy Manager | =11.5.2 | |
| F5 BIG-IP Access Policy Manager | =11.5.3 | |
| F5 BIG-IP Access Policy Manager | =11.5.4 | |
| F5 BIG-IP Access Policy Manager | =11.6.0 | |
| F5 BIG-IP Access Policy Manager | =11.6.1 | |
| F5 BIG-IP Access Policy Manager | =12.0.0 | |
| F5 BIG-IP Access Policy Manager | =12.1.0 | |
| F5 BIG-IP Advanced Firewall Manager | =11.5.0 | |
| F5 BIG-IP Advanced Firewall Manager | =11.5.1 | |
| F5 BIG-IP Advanced Firewall Manager | =11.5.2 | |
| F5 BIG-IP Advanced Firewall Manager | =11.5.3 | |
| F5 BIG-IP Advanced Firewall Manager | =11.5.4 | |
| F5 BIG-IP Advanced Firewall Manager | =11.6.0 | |
| F5 BIG-IP Advanced Firewall Manager | =11.6.1 | |
| F5 BIG-IP Advanced Firewall Manager | =12.0.0 | |
| F5 BIG-IP Advanced Firewall Manager | =12.1.0 | |
| F5 BIG-IP Application Security Manager | =11.5.0 | |
| F5 BIG-IP Application Security Manager | =11.5.1 | |
| F5 BIG-IP Application Security Manager | =11.5.2 | |
| F5 BIG-IP Application Security Manager | =11.5.3 | |
| F5 BIG-IP Application Security Manager | =11.5.4 | |
| F5 BIG-IP Application Security Manager | =11.6.0 | |
| F5 BIG-IP Application Security Manager | =11.6.1 | |
| F5 BIG-IP Application Security Manager | =12.0.0 | |
| F5 BIG-IP Application Security Manager | =12.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-5700?
CVE-2016-5700 has been classified as a critical vulnerability due to its potential to allow remote attackers to modify the system.
How do I fix CVE-2016-5700?
To remediate CVE-2016-5700, upgrade affected F5 BIG-IP systems to the versions specified in the official security advisory.
Which F5 BIG-IP versions are affected by CVE-2016-5700?
CVE-2016-5700 affects multiple versions of F5 BIG-IP, including 11.5.0 to 12.1.0 prior to specific hotfix releases.
What types of functionalities are vulnerable in CVE-2016-5700?
The vulnerability in CVE-2016-5700 specifically involves the HTTP Explicit Proxy and SOCKS profile functionalities that can be exploited by an attacker.
Can CVE-2016-5700 be exploited remotely?
Yes, CVE-2016-5700 can be exploited by remote attackers, making it particularly dangerous if not addressed.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/f5
- canonical/f5 big-ip policy enforcement manager
- version/f5 big-ip policy enforcement manager/11.5.0
- version/f5 big-ip policy enforcement manager/11.5.1
- version/f5 big-ip policy enforcement manager/11.5.2
- version/f5 big-ip policy enforcement manager/11.5.3
- version/f5 big-ip policy enforcement manager/11.5.4
- version/f5 big-ip policy enforcement manager/11.6.0
- version/f5 big-ip policy enforcement manager/11.6.1
- version/f5 big-ip policy enforcement manager/12.0.0
- version/f5 big-ip policy enforcement manager/12.1.0
- canonical/f5 big-ip local traffic manager
- version/f5 big-ip local traffic manager/11.5.0
- version/f5 big-ip local traffic manager/11.5.1
- version/f5 big-ip local traffic manager/11.5.2
- version/f5 big-ip local traffic manager/11.5.3
- version/f5 big-ip local traffic manager/11.5.4
- version/f5 big-ip local traffic manager/11.6.0
- version/f5 big-ip local traffic manager/11.6.1
- version/f5 big-ip local traffic manager/12.0.0
- version/f5 big-ip local traffic manager/12.1.0
- canonical/f5 websafe
- version/f5 websafe/11.6.0
- version/f5 websafe/11.6.1
- version/f5 websafe/12.0.0
- version/f5 websafe/12.1.0
- canonical/f5 big-ip link controller
- version/f5 big-ip link controller/11.5.0
- version/f5 big-ip link controller/11.5.1
- version/f5 big-ip link controller/11.5.2
- version/f5 big-ip link controller/11.5.3
- version/f5 big-ip link controller/11.5.4
- version/f5 big-ip link controller/11.6.0
- version/f5 big-ip link controller/11.6.1
- version/f5 big-ip link controller/12.0.0
- version/f5 big-ip link controller/12.1.0
- canonical/f5 big-ip application acceleration manager
- version/f5 big-ip application acceleration manager/11.5.0
- version/f5 big-ip application acceleration manager/11.5.1
- version/f5 big-ip application acceleration manager/11.5.2
- version/f5 big-ip application acceleration manager/11.5.3
- version/f5 big-ip application acceleration manager/11.5.4
- version/f5 big-ip application acceleration manager/11.6.0
- version/f5 big-ip application acceleration manager/11.6.1
- version/f5 big-ip application acceleration manager/12.0.0
- version/f5 big-ip application acceleration manager/12.1.0
- canonical/f5 big-ip access policy manager
- version/f5 big-ip access policy manager/11.5.0
- version/f5 big-ip access policy manager/11.5.1
- version/f5 big-ip access policy manager/11.5.2
- version/f5 big-ip access policy manager/11.5.3
- version/f5 big-ip access policy manager/11.5.4
- version/f5 big-ip access policy manager/11.6.0
- version/f5 big-ip access policy manager/11.6.1
- version/f5 big-ip access policy manager/12.0.0
- version/f5 big-ip access policy manager/12.1.0
- canonical/f5 big-ip advanced firewall manager
- version/f5 big-ip advanced firewall manager/11.5.0
- version/f5 big-ip advanced firewall manager/11.5.1
- version/f5 big-ip advanced firewall manager/11.5.2
- version/f5 big-ip advanced firewall manager/11.5.3
- version/f5 big-ip advanced firewall manager/11.5.4
- version/f5 big-ip advanced firewall manager/11.6.0
- version/f5 big-ip advanced firewall manager/11.6.1
- version/f5 big-ip advanced firewall manager/12.0.0
- version/f5 big-ip advanced firewall manager/12.1.0
- canonical/f5 big-ip application security manager
- version/f5 big-ip application security manager/11.5.0
- version/f5 big-ip application security manager/11.5.1
- version/f5 big-ip application security manager/11.5.2
- version/f5 big-ip application security manager/11.5.3
- version/f5 big-ip application security manager/11.5.4
- version/f5 big-ip application security manager/11.6.0
- version/f5 big-ip application security manager/11.6.1
- version/f5 big-ip application security manager/12.0.0
- version/f5 big-ip application security manager/12.1.0