CVE-2017-6147
First published: Mon Sep 18 2017(Updated: )
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe 12.1.2-HF1 and 13.0.0, an undisclosed type of responses may cause TMM to restart, causing an interruption of service when "SSL Forward Proxy" setting is enabled in both the Client and Server SSL profiles assigned to a BIG-IP Virtual Server.
Credit: f5sirt@f5.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Riverbed SteelApp Traffic Manager | =12.1.2 | |
| Riverbed SteelApp Traffic Manager | =13.0.0 | |
| F5 BIG-IP Application Acceleration Manager | =12.1.2 | |
| F5 BIG-IP Application Acceleration Manager | =13.0.0 | |
| F5 BIG-IP Advanced Firewall Manager | =12.1.2 | |
| F5 BIG-IP Advanced Firewall Manager | =13.0.0 | |
| F5 BIG-IP Analytics | =12.1.2 | |
| F5 BIG-IP Analytics | =13.0.0 | |
| F5 Access Policy Manager | =12.1.2 | |
| F5 Access Policy Manager | =13.0.0 | |
| F5 Application Security Manager | =12.1.2 | |
| F5 Application Security Manager | =13.0.0 | |
| F5 BIG-IP | =12.1.2 | |
| F5 BIG-IP | =13.0.0 | |
| F5 BIG-IP Link Controller | =12.1.2 | |
| F5 BIG-IP Link Controller | =13.0.0 | |
| F5 BIG-IP Policy Enforcement Manager | =12.1.2 | |
| F5 BIG-IP Policy Enforcement Manager | =13.0.0 | |
| F5 WebSafe | =12.1.2 | |
| F5 WebSafe | =13.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2017-6147?
The severity of CVE-2017-6147 is considered to be high due to its potential to cause service interruption.
How do I fix CVE-2017-6147?
To fix CVE-2017-6147, update your F5 BIG-IP software to versions 12.1.2-HF2 or 13.0.0-HF1 or later.
Which F5 BIG-IP versions are affected by CVE-2017-6147?
CVE-2017-6147 affects F5 BIG-IP versions 12.1.2 and 13.0.0.
What does CVE-2017-6147 affect in F5 BIG-IP systems?
CVE-2017-6147 affects several modules including LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe.
What happens if I leave CVE-2017-6147 unpatched?
Leaving CVE-2017-6147 unpatched may lead to TMM restarts and service interruptions for users.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/description
- agent/severity
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/f5
- canonical/riverbed steelapp traffic manager
- version/riverbed steelapp traffic manager/12.1.2
- version/riverbed steelapp traffic manager/13.0.0
- canonical/f5 big-ip application acceleration manager
- version/f5 big-ip application acceleration manager/12.1.2
- version/f5 big-ip application acceleration manager/13.0.0
- canonical/f5 big-ip advanced firewall manager
- version/f5 big-ip advanced firewall manager/12.1.2
- version/f5 big-ip advanced firewall manager/13.0.0
- canonical/f5 big-ip analytics
- version/f5 big-ip analytics/12.1.2
- version/f5 big-ip analytics/13.0.0
- canonical/f5 access policy manager
- version/f5 access policy manager/12.1.2
- version/f5 access policy manager/13.0.0
- canonical/f5 application security manager
- version/f5 application security manager/12.1.2
- version/f5 application security manager/13.0.0
- canonical/f5 big-ip
- version/f5 big-ip/12.1.2
- version/f5 big-ip/13.0.0
- canonical/f5 big-ip link controller
- version/f5 big-ip link controller/12.1.2
- version/f5 big-ip link controller/13.0.0
- canonical/f5 big-ip policy enforcement manager
- version/f5 big-ip policy enforcement manager/12.1.2
- version/f5 big-ip policy enforcement manager/13.0.0
- canonical/f5 websafe
- version/f5 websafe/12.1.2
- version/f5 websafe/13.0.0