CVE-2017-6156

Description

When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured with a wildcard IPSec tunnel endpoint, it may allow a remote attacker to disrupt or impersonate the tunnels that have completed phase 1 IPSec negotiations. The attacker must possess the necessary credentials to negotiate the phase 1 of the IPSec exchange to exploit this vulnerability; in many environment this limits the attack surface to other endpoints under the same administration.

Risk Information

Base Score

6.4

MODERATE

Vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

EPSS Score

Exploitation Probability

0.394

Associated Vulnerability

Vulnerability	OS Platform
CVE-2017-6156	NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234