CVE-2017-6161

Description

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. This vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack via resource exhaustion.

Risk Information

Base Score

5.3

MODERATE

Vector

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

Exploitation Probability

2.748

Associated Vulnerability

Vulnerability	OS Platform
Uncontrolled Resource Consumption Vulnerability (CVE-2017-6161)	NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234