What is the severity of CVE-2017-6154?

CVE-2017-6154 is classified as a medium severity vulnerability due to potential system crashes affecting BIG-IP systems.

How do I fix CVE-2017-6154?

To fix CVE-2017-6154, upgrade your F5 BIG-IP Application Security Manager to versions 11.6.3, 12.1.4, or 13.1.0 and above.

Which F5 BIG-IP versions are affected by CVE-2017-6154?

CVE-2017-6154 affects F5 BIG-IP versions 11.6.1 - 11.6.2, 12.1.0 - 12.1.3.1, and 13.0.0.

What happens if my system is vulnerable to CVE-2017-6154?

If your system is vulnerable to CVE-2017-6154, it may experience unexpected crashes and core dumps when processing certain types of data.

Is there a workaround for CVE-2017-6154?

There is no documented workaround for CVE-2017-6154, hence upgrading to a patched version is recommended.

Vulnerability/
CVE-2017-6154

high

7.5

CWE

1/3/2018

16/9/2024

CVE-2017-6154: Input Validation

First published: Thu Mar 01 2018(Updated: )

On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, the BIG-IP ASM bd daemon may core dump memory under some circumstances when processing undisclosed types of data on systems with 48 or more CPU cores.

Credit: f5sirt@f5.com

Affected Software	Affected Version	How to fix
F5 Application Security Manager	>=11.6.1<=11.6.2
F5 Application Security Manager	>=12.1.0<=12.1.3.1
F5 Application Security Manager	=13.0.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-6154?
CVE-2017-6154 is classified as a medium severity vulnerability due to potential system crashes affecting BIG-IP systems.
How do I fix CVE-2017-6154?
To fix CVE-2017-6154, upgrade your F5 BIG-IP Application Security Manager to versions 11.6.3, 12.1.4, or 13.1.0 and above.
Which F5 BIG-IP versions are affected by CVE-2017-6154?
CVE-2017-6154 affects F5 BIG-IP versions 11.6.1 - 11.6.2, 12.1.0 - 12.1.3.1, and 13.0.0.
What happens if my system is vulnerable to CVE-2017-6154?
If your system is vulnerable to CVE-2017-6154, it may experience unexpected crashes and core dumps when processing certain types of data.
Is there a workaround for CVE-2017-6154?
There is no documented workaround for CVE-2017-6154, hence upgrading to a patched version is recommended.

agent/references
agent/type
agent/softwarecombine
agent/author
agent/weakness
agent/description
agent/severity
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/f5
canonical/f5 application security manager
version/f5 application security manager/11.6.1
version/f5 application security manager/11.6.2
version/f5 application security manager/12.1.0
version/f5 application security manager/12.1.3.1
version/f5 application security manager/13.0.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.